If your company uses emails to communicate with clients, then it’s not enough to just rely on traditional ways of managing email, such as backing up emails periodically. There needs to be a well-equipped email management system in place that will keep your business safe.
The key point that relates to the heavy use of email, is the maintenance of the integrity of the email, and being able to prove that integrity. Unfortunately, you can’t simply do nothing and leave your email system as is and hope for the best. Firstly, it is important to understand the legal requirements. This includes the Electronic Communications and Transaction Act, 2002, or the ECT Act.
The ECT Act provides that information is not without legal force and effect simply because it is in electronic form. These are some of the rules set out by the ECT Act regarding electronic communications.
- An electronic document must be captured, retained and retrievable.
- Electronic documents must be accessible so as to be useable for subsequent reference, this includes the origin, destination, date and time it was sent or received.
- If a signature is required, it must be accompanied by an authentication service.
So what should you do?
All companies who wish to comply with the regulations should implement an effective email management system. The core requirements of a good email management system are as follows:
- The ability to monitor and intercept email;
- Effective capturing of all email;
- Cost effective storage of all email and efficient discarding of email that has lost its business value or is no longer required for legal or regulatory or compliance;
- Efficient and cost effective restoration of email;
- The ability to maintain the integrity of email and the contents thereof; and
- The ability to audit email use in order to be able to prove integrity.
Although it seems like a trivial matter, it is worthwhile to implement an email management system in your company. It will help protect your business in the event that you need a record of communication due to an incident or contract dispute. New regulations introduced by POPI will also make this a necessary part of how your company handles information.
This article is a general information sheet and should not be used or relied on as legal or other professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your legal adviser for specific and detailed advice. Errors and omissions excepted (E&OE)
The Electronic Communications and Transaction Act, 2002