Home / Medicine & the Law / Craft an e-mail policy for your employees

Craft an e-mail policy for your employees

By Frankie Jo Pacilla, Esq.

Electronic mail (e-mail) has become an increasingly utilized tool in the practice of medicine and is now used by many physician practice groups to facilitate communication between office staff, referral sources, hospitals, pharmacists, pharmaceutical companies, vendors and patients. E-mail communication has many positive attributes. It has become widely available, is convenient and inexpensive. There are however, potential pitfalls associated with the use of e-mail in a physician practice group setting if it is not properly utilized.

A physician practice group that has brought its employees on-line, by providing them with e-mail and Internet access via the company’s computers, should recognize that by doing so they need to address concerns about employee productivity, confidentiality and potential legal issues associated with its use. Employee misuse of e-mail/Internet can be a source of legal liability for the practice. Physician practice groups must not lose sight of the fact that they are employers, as well as health care providers and are consequently responsible for managing and monitoring their employees’ use of the practice computer system to ensure its proper and legal usage.

Adopting an effective written policy that addresses the proper use of the practice’s computers will help reduce risks associated with e-mail and Internet usage and will provide the practice with needed protection. Once created, the practice’s written e-mail/Internet usage policy should be incorporated into the existing written employee office manual. Every employee that has computer e-mail/Internet access at work should receive a copy of the policy, and should sign a statement acknowledging that they have received and reviewed the policy, understand it and agree to abide by all of its terms. This acknowledgment should then be placed in each employee’s personnel file.

Personal Usage Restrictions

It is generally not necessary or realistic to have a policy which absolutely prohibits personal usage of the practice e-mail/Internet system by employees. The better approach is to have a primary business use policy which permits limited use of e-mail/Internet for personal use if certain guidelines are adhered to, such as:

· Limit personal e-mail usage to an average of not more than 3-5 personal e-mails a day.

· Limit use of the Internet for personal purposes to non-working hours only, such as breaks or over lunch.

· Personal use of e-mail/Internet must not interfere with the performance of work duties.

· Personal e-mails and Internet usage must adhere to all guidelines of the e-mail/Internet usage policy including the guidelines on prohibited e-mail/Internet use.

· Personal use must not be of a commercial or profit-making nature, or for any other form of personal financial gain.

Prohibited Uses Defined

The e-mail/Internet usage policy should specifically state that the practice e-mail system shall not be used for:

· The transmission of offensive, inappropriate, demeaning, disruptive, threatening, sexually explicit, defamatory or discriminatory e-mails or the use of e-mail for purposes likely to be deemed as harassment of any kind or nature.

· The transmission of any confidential practice or patient information in violation of the practice’s confidentiality policy and the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The policy should also state that employees must advise management immediately if they received an e-mail that has transmitted any content that is prohibited by this policy, such as sexually explicit or defamatory e-mails.

No Expectation of Privacy

The e-mail/Internet usage policy should inform employees that the office computer equipment and all e-mail correspondence created on the equipment is the property of the practice:

· E-mail communications are not private despite any such designation by the sender or receiver.

· The practice reserves the right to monitor the e-mail system – including each employee’s mailbox – at its discretion.

Employees must understand that there is no expectation of privacy in anything they create, store, send or receive on the practice’s computer system, even if they utilize their own passwords.

General E-mail Etiquette Guidelines

The e-mail/Internet usage policy should remind employees that all e-mails are retained in computer files and can be retained and retrieved for long periods of time. This is true even if employees believe they have deleted an e-mail from their office computer. All e-mails sent from the practice computer system by any employee could have legal significance and therefore must be written with the same professionalism as a letter or fax. Accordingly, the e-mail/Internet usage policy should provide the following etiquette usage guidelines:

Watch Your Tone.

· Do communicate professionally, respectfully, accurately and truthfully.

· Do be polite and use common courtesy.

· Do be clear and direct in your meaning. Remember that with an e-mail you do not have the facial expressions, gestures or tone of voice you have with a face-to-face meeting, all of which helps to clarify the message.

· Do not use subtleties, irony or humor. They can be misinterpreted when conveyed without tone and body language. Plus, it does not convey the appropriate level of professionalism.

· Do not resort to using Emoticons (smiley faces :), winks ;), etc.) and other virtual gestures to indicate humor, expression, or sarcasm, as many recipients may not know their meaning. Emoticons are no substitute for clear and concise writing and are not appropriate for formal business communication.

Use Proper Form.

· Do use correct grammar, spelling, punctuation and paragraph structure. If your program has a spell check feature use it every time.

· Do write single subject e-mails whenever possible and stick to the subject of your message.

· Do use a meaningful and informative subject line. Many e-mail recipients received a high number of e-mails a day and you will help to ensure that your e-mail will be read by using an informative subject line.

· Do keep paragraphs short for easy screen reading. Remember that reading an e-mail is harder than reading printed communications.

· Do be careful when attaching documents to make sure you are forwarding the appropriate attachment to the intended recipient.

· Do re-read every message before you send it. This is an imperative tool to reducing the risk of liability.

· Do not utilize the common text messaging style of writing and abbreviations. This is an unprofessional way to communicate.

Moreover, if your reader is not be familiar with the text messaging style of communication they will be annoyed and your content probably will not be understood.

· Do not overuse acronyms. They can be confusing to the reader.

· Do not type your message in capitals as this is considered SHOUTING and is a rude manner in which to communicate via e-mail. You could unintentionally escalate a conversation.

· Do not overuse punctuation such as exclamation marks.

· Do not overuse “urgent” or “high priority” designations if they are not.

· Do not make personal remarks about third parties, such as patients, vendors, referral sources or co-workers.

Send To The Intended Recipient.

· Do watch the send button. Once you hit “send” a message cannot be stopped from being delivered to the addressed recipient. Check and then double check the recipient line before hitting send. Many people in a system can share the same last name and first initials and this can make it easy to inadvertently send your e-mail to the wrong person.

· Do make sure that you are not sending an attached document’s metadata, unless that is your intention. Metadata is the document’s history including revisions and changes.

· Do not send large attachments without checking with the recipient first.

Respond Professionally.

· Do be responsive and not reactive.

· Do think before you write it, then re-read it – pause and think again before you hit send.

· Do be careful when replying to mail list messages or to messages sent to many recipients. Make sure you want to respond to the whole list.

· Do respond swiftly. Most people send an e-mail because they are looking for a quick response. If you cannot respond promptly, send a response e-mail letting the sender know when you will be able to respond in full to their e-mail. This prevents people from feeling ignored or unimportant.

· Do avoid FLAMING in sending and responding. Flaming is a virtual term which is defined as using the expression of extreme emotion or opinion in an e-mail message.

· Do not reply to an e-mail when angry, upset, preoccupied, or while doing something else.


The e-mail/Internet usage policy should state explicitly that improper use of the practice e-mail/Internet system will not be tolerated and will result in the loss of e-mail/Internet privileges and discipline up to and including termination.


The practice must be sure to develop tools and mechanisms to enforce the e-mail/Internet policy to ensure employee compliance. This can be achieved in a number of ways, such as through proper employee training and system monitoring programs. The practice must demonstrate its commitment to proper e-mail/Internet usage by actually utilizing the enforcement procedures developed and disciplining violators when necessary. Having a policy without a commitment to enforcing it is the same as having no policy at all.

Ultimately, a physician practice group could be held responsible for any employee’s misuse of the practice’s computer system, therefore, the prudent physician practice group will take the proactive step of defining the expectations, limitations and guidelines for use in a written policy for employees to follow, and which can be called upon for enforcement purposes if they do not.

Frankie Jo Pacilla, Esq., is a director at the law firm of Houston Harbaugh in Pittsburgh.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.