3 risky things Board Members do with their emails

Are your Board Members or Trustees doing any of these 3 things with their emails, which are a risk to both your resources and relationships?

1. Using their personal or day-job email addresses for board related work.

What’s the risk? If the external email provider experiences a breach, the sensitive issues your board discusses could be leaked.

And if you need to respond to a Subject Access Request, whereby an individual can ask for copies of their data, you would need to rely on anyone using an external email address to supply access to their emails.

2. Writing emails as if they will be kept private forever, containing details they wouldn’t want to be shared with the person they’re discussing or with the public in general.

What’s the risk? Anything committed to email can be forwarded on,  inadvertently or intentionally, and the contents may have to be shared in response to a Subject Access Request or Freedom of Information Request.

3. Keeping emails forever…and ever…

What’s the risk? Although it can be handy to refer back to emails, keeping them too long is a risk; the more emails you’re holding the more you could lose in a breach, and the more you need to trawl through, and possibly disclose, to answer a Subject Access Request.

How to reduce these email related risks?

  1. If your organisation hasn’t set up email addresses for each of your board members or trustees on the organisation’s domain, this is a priority. And remind your board to use those email addresses, and no others, for board-related business.
  2. Write emails as if they are going to end up being shared; stick to the facts, and stay civil. (Anything less civil can always be shared verbally!)
  3. A regular clear out of emails is crucial, and you can even set up email systems to automatically delete emails at a certain point.
  4. You can access all of our Practical Email Tips, which includes these tips and more, below.   

Clare draws on over 20 years of experience in risk management and quality assurance, including ten years in data protection, to provide clear and practical advice and training.

Don’t tell everyone (shh!) but Clare’s favourite sector is social housing, having worked in a large housing association for 12 years, although she loves to support all values-led organisations.

If you have any questions about the email tips or to talk about how we can help you with any other data protection queries, book a free 15-minute call.

Leave a Reply

Your email address will not be published. Required fields are marked *