Thu, Feb
37 New Articles

Email Compliance in Companies

Email Compliance in Companies


Storing and filing of emails often happens without much attention. While the employer does have a legitimate interest in information and control of the email traffic at the workplace, this can present a high degree of risk if employees are left alone with the responsibility of storing and filing emails correctly and appropriately.

The Austrian law, however, does not specifically regulate issues regarding filing and storage of emails at the workplace. Therefore, a well-thought compliance organization should also address the documentation of (internal) company information, in order to demonstrate the compliance with laws by the company in case of government authorities conducting investigations. It has to be noted that email compliance in companies explicitly touches upon issues of labor law and data protection law.

On a general note, the employer is entitled to prohibit the private use of computers, the internet and emails. If so, the employer may not expect its employees to use emails or data for private use. However, in most cases companies permit the private use of emails or computers, which restricts the access of the employer to those accounts to very limited cases. If the private use is allowed it is advisable to create an additional (private) email folder for employees to file their private emails there or clearly mark emails per se as "private" (e.g. in the subject heading), in order to facilitate the differentiation from company-designated email correspondence. Otherwise potential data protection conflicts could arise for the employer when trying to select or check emails of employees.

Most importantly, companies should be aware of where and how emails are filed and stored internally at all times. Hence, one possibility would be to store and archive emails on external servers automatically and thus taking that responsibility off the employees' shoulders. At the same time, the employer would always know the exact location of its emails and data.

By Alexander Schultmeyer, Senior Associate, DLA Piper Vienna