Accessing a leavers mailbox

Rroff · 28 Jul 2021 at 21:45

Ideally something your HR or legal department, if you have such, knows how to deal with.

Similar to a staff search policy it needs to be handled correctly - there needs to be a legitimate reason but that can be as simple as retrieving information an employee might have deleted on leaving the company. Best practise would be to have at least 2 management level colleagues present* and ideally the ones dealing with it, anything which is identified as personal and unrelated to work should be secured and/or deleted as appropriate (regardless of what policies the company may or may not have as to the use of work email accounts) and in no circumstances disseminated. There might be some cases where personal emails have implications for the security of the company and/or new or ongoing disciplinary action but that gets into very different territory and needs proper legal advice and can very much backfire on the company if not handled correctly.

* Alternatively having the (ex)employee or a representative present and/or getting their permission first.

Domo · 28 Jul 2021 at 23:24

vanandjuanunited said:
Are you going to keep asking this until you get an answer you are happy with

I couldn't find the first post I created

Domo · 28 Jul 2021 at 23:24

Feek said:
Two threads for the same thing, I've merged them.

Thanks.

OspreyO · 28 Jul 2021 at 23:27

You'd be actively removing business data from the business.

It would be usual to use a shared email, a team email for collaborative projects. In some cases at the end of a project you'd be asked to move emails from a personal inbox to the shared inbox.

Things like MS Teams are being pitched as a solution to this. I think that's over selling it. MS Teams can be overwhelming if it's not controlled, and it's can be difficult to find things.

Deleted member 77746 · 28 Jul 2021 at 23:48

Right Domo, so what you going to do? Are you going to delete the emails when you leave?

chroniclard · 28 Jul 2021 at 23:59

Fire and magnets an option?

StephenJ · 29 Jul 2021 at 00:09

Most companies have a email policy , but largely its company data so fine to recover etc

GR63 · 29 Jul 2021 at 09:55

Rroff said:
Ideally something your HR or legal department, if you have such, knows how to deal with.

Similar to a staff search policy it needs to be handled correctly - there needs to be a legitimate reason but that can be as simple as retrieving information an employee might have deleted on leaving the company. Best practise would be to have at least 2 management level colleagues present* and ideally the ones dealing with it, anything which is identified as personal and unrelated to work should be secured and/or deleted as appropriate (regardless of what policies the company may or may not have as to the use of work email accounts) and in no circumstances disseminated. There might be some cases where personal emails have implications for the security of the company and/or new or ongoing disciplinary action but that gets into very different territory and needs proper legal advice and can very much backfire on the company if not handled correctly.

* Alternatively having the (ex)employee or a representative present and/or getting their permission first.

This, the most realistic answer :-)

melmac · 29 Jul 2021 at 15:10

Basically, nobody here can answer the question without more info. Everything depends on the GDPR/Email policies that the company has in place.

Deleted member 77746 · 4 Aug 2021 at 10:06

melmac said:
Basically, nobody here can answer the question without more info. Everything depends on the GDPR/Email policies that the company has in place.

IF*

melmac · 4 Aug 2021 at 11:23

Bouton Aide said:
IF*

Of Course

Scougar · 4 Aug 2021 at 15:35

Retrieve emails, filter out emails sent to non-work addresses?

Armageus · 4 Aug 2021 at 15:56

At our workplace, if leavers have obviously deleted their entire mailbox (e.g. 0GB mailbox size), we will restore it in full (Google ftw), then Suspend the user and leave the mailbox in place for at least a month.

Otherwise we just suspend without doing any data restore (thus allowing users to remove any personal info)

HR have had no issue with this, and our computer usage policy states that company email accounts are to be used for work related communication

Rroff · 5 Aug 2021 at 21:46

Bouton Aide said:
Right Domo, so what you going to do? Are you going to delete the emails when you leave?

I read this as being the other way around heh - if someone is leaving and worried about the contents of their work mailbox then not much they can do, in theory they have some comeback if something personal in the mailbox, even a work one with a policy against personal use, does get made public as the company still has a professional responsibility but not much they can do to prevent that happening unless management/IT are willing to purge such information on request.

Deleted member 77746 · 6 Aug 2021 at 08:24

Rroff said:
I read this as being the other way around heh - if someone is leaving and worried about the contents of their work mailbox then not much they can do, in theory they have some comeback if something personal in the mailbox, even a work one with a policy against personal use, does get made public as the company still has a professional responsibility but not much they can do to prevent that happening unless management/IT are willing to purge such information on request.

I was just carrying on lol

Scougar · 20 Aug 2021 at 20:28

How would they even know if you did retrieve it. Restore, get what you need then delete. It's a company email, nit personal.

This person is not a customer as such.