While email is an efficient and timely way to reach people, it is very important that we take care in how we use email to communicate.
We have a number of legal obligations to protect someone’s personal information under the Data Protection Act 1998. This includes email addresses and personal information which may be contained within an email.
We recognise that volunteers often share a computer at home with their family. It is important to have a separate email address for Association emails, which is password protected and not accessible to family and friends.
While personal information may be included in the body of an email, it is important to adhere to the following:
- Only include necessary information about individuals
- Do not include any names, personal or sensitive information in the subject line. Remember: if a person is identified in the subject line a request can be made to see what information has been shared (see subject access request)
- Ensure email content is clear, factual and correct
- Non-judgemental and objective language should be used
- Outgoing messages should carry a legal disclaimer, which includes a statement about confidentiality and unauthorised access
- Attachments containing personal information should be password protected
- Use the BCC (blind copy) option when emailing to groups of people to protect individual’s email addresses
- If information about more than one individual is being shared, it must be done on a need to know basis and be in a password protected document