• Replies 11 replies
  • Subscribers 3 subscribers
  • Views 5414 views
  • Users 0 members are here
Options
Related

Approval from Employees to Access their Emails/Folders

Sonia

We have a very clear IT policy which states that all data at work belongs to the company and therefore we have the right to access this. However, we know that employers do have personal emails and folders held on their computers. As a practice we have a process in place which prevents people/managers from gaining access to employees systems without following an approval process. I would like to know what process you have in place to manage access to employees once they have left. Many managers don't think to get the outgoing employee to transfer over info prior to their leaving date and our IT dept will close down the mailbox, etc. HR do not want to be seen as the gate keeper to every access to mailbox/folder request due to managers forgetfulness, etc and would prefer the employee prior to leaving to grant access. However, the question asked is 'what if the employee refuses to give permission - when the data is the Company's anyway'? Do we need to do this? 

Really would appreciate any info on what other companies do to manage this process, especially now that we have GDPR.

  • I get our IT guys to add the leaving employees mailbox to their managers outlook as a shared inbox. they have access and can monitor anything new coming in. No permission requested but to be honest the leaver will delete anything not relevant before they leave anyway.
  • When I conduct exit interviews I tell the employee that their email file will be saved with access granted to their Manager when its needed, and I advise (elbow nudge) them to clear it up!! So I dont really give them the option to refuse, but its also in our handbook that emails can be accessed by the company at any time if there is a business justification for it.

    Our IT department then hold the emails on the server for 12 months, and if a situation arises where their emails need to be checked IT will give permission for the Manager to access it for an hour to look for what they need. Permission is then removed until if/when the emails are needed again.

    It creates a few minutes work for IT but I find exiting (and existing!) employees are more comfortable with this. I think there is a perception (and its a reality in some places where Ive worked sadly) that when employees leave their emails are scrutinised so this helps to counter that.

    Regarding new emails I simply log a call with IT to divert new emails to a nominated colleague - I know its done then!
  • We just automatically delete personal files and folders on termination. We don't check what's in them at all. In previous roles, we've flagged such folders up for review by the leaver's LM but, in practice, most such folders then sat untouched and unchecked for months or, in some cases, years because managers didn't have the time or inclination to go through their former employee's trivia.

    Hence at my current workplace, I decided to take a more decisive position.
  • in reply to Robey
    We do something similar to Robey except automatic deletion is normally within a month - unless the line manager requests a longer period or that certain folders are moved for specific access (we still have some folk who save stuff on their own drive or Outlook folder when really it should be saved in a shared drive or restricted intranet library). This is made clear in our leaving processes and comms to both manager and individual. However, the leaving employee's log-in credentials are "blocked" or "removed" immediately after actual termination date.
  • in reply to Samantha
    Thanks Samantha. What about the employees that you dont get a chance to have an exit interview. The ones who are instantly let go. How do you manage them.
  • in reply to Robey
    Quick question. If there are personal items (mail/documents) saved in the normal business folders as opposed to being held on a separate drive, etc how does your process manage this?

    We had a situation where by a manager wanted access to a empee's mailbox who was leaving. The request came to HR for approval but because we were aware of a potential grievance of bullying by the empee against their manager, we did not grant access. Obviously this was a rare one but we are now concerned about giving general access.

    Do you have all employees sign acknowledgement of your acceptable use/IT policy?
  • in reply to Robey

    "We just automatically delete personal files and folders on termination. We don't check what's in them at all."

    Like Robey, this is my experience, too. Having said that, this would be in the context of an employee giving notice, allowing at least a month for a full handover of active clients / projects.

    I guess the circumstance of a dismissal might be a little different[?]