University of St. Thomas Mass Email Policy
Approved by President’s Staff February 11, 2013
The policy that follows defines the standards for using the University’s email systems for mass communications. It has become necessary to more closely manage the amount and types of mass email being disseminated from University systems. The University of St. Thomas has seen a sharp increase in the volume of mass emails designed to contact constituents and reduce traditional mailing costs. Some of these mass emails have caused our stthomas.edu domain to be blacklisted by email providers. At the same time we have been hit with an increasing number of phishing attacks which target the use of compromised St. Thomas email addresses for sending out email spam. These events also cause our domain to be blacklisted. When St. Thomas is blacklisted legitimate St. Thomas email is prevented from being delivered off-campus, it damages our brand and reputation, and it ties up valuable staff time to resolve the issue. This mass email policy is intended to steer campus community members to make the best use of our email resources and keep us in compliance with regulations such as the CAN-SPAM Act without unduly limiting the effectiveness of those on campus who need to use mass email to meet their marketing and communication objectives.
This policy is guided by the following objectives:
- Compliance with applicable laws and regulations
- Maintenance of consistent university brand identity within email communications
- Effective stewardship of University resources
The Information Technology Services (ITS) division is responsible for the maintenance of this policy, and for responding to questions regarding this policy. The Associate Vice President of Information Security & Risk Management, CISO or delegate is the responsible officer.
Mass email at St. Thomas is defined as email originating from a University email address or mailbox targeted to 100 addresses overall, including more than one distribution group of 100 or more people. This includes:
- either single messages with 100 or more addresses or mail merge-type messages disseminated to 100 or more people.
- email disseminated within the University systems and/or to external recipients.
- email originating from St. Thomas systems or externally hosted systems using St. Thomas email addresses.
This policy applies to all University faculty, staff, students, alumni and any other individual or groups who use University of St. Thomas email systems or addresses.
- All mass email messages will comply with the CAN-SPAM Act, FERPA, and the University Responsible Use policy (see links below). This includes internal mass email messages, and those resulting from the University of St. Thomas’ allowance of email forwarding to external email addresses.
- All other mass communications assembled electronically must use the University’s official enterprise mass email system or an enterprise email system distribution group.
- Additional approval may be required for large mass emails, or mailings to other targeted groups. In such cases, approval must be obtained from the assigned owner of the group(s).
- Colleges, schools, individuals, groups, or organizations that would like to send mass emails to constituents must coordinate with the Information Technology Services division to create a marketing list through a University-approved system or use an approved web site to communicate/broadcast information.
- The Marketing, Insights and Communications (MIC) Team may require an approved communication plan highlighting electronic communications and their timing to be submitted yearly for review.
- ITS will implement and enable technologies as appropriate to facilitate this policy and effectively manage University resources. For example, ITS may limit the number of messages disseminated per personal mailbox, throttle message delivery for large distributions, and spam-check outgoing messages.
- Accounts and network access may be administratively suspended, with or without notice, when continued use of the University’s resources may interfere with the work of others, place the University or others at risk, or violate University policy.
- ITS will maintain the health of the mass email servers and manage account provisioning, permissions, and training on basic uses of the system. Support for advanced marketing campaigns will require a dedicated marketing professional for University Relations or a specific college or school for development and execution.
- Use of University and personal distribution groups are expected to comply with this policy.
- Mail merges are expected to comply with this policy.
- Email surveys are expected to comply with this policy.
- Exceptions to this policy will be handled on a case-by-case basis.
- If you have any questions related to the use of the email for mass communications, please contact the Tech Desk at (651) 962-6230.
Guidelines for Mass Email Communications
- Mass email communications are expected to be targeted as much as possible to constituents who need to receive or who are most likely to respond to the intended message.
- Owners of officially maintained St. Thomas distribution groups may designate faculty and staff to send internal mass email messages to specific segments of staff, faculty, students, or alumni.
- To ensure the most accurate constituent data, mass email messages are expected to use Banner or ODS data sources whenever possible.
- Mass email communications are expected to be screened with available tools to help ensure the message will pass standard anti-spam filters.
- In the event of a campus emergency, the University Action and Response Team (UART) process allows for campus-wide communications, including mass emailing as deemed necessary.