1 Step 1


Our corporate email usage policy helps staff use their organisation email addresses appropriately.
Email is essential to our everyday jobs. We want to ensure that our staff understand the limitations
of using their corporate email accounts.
Our goal is to protect our confidential data from breaches and safeguard our reputation and
technological property.


This policy applies to all staff, vendors and partners who are assigned (or given access to) a
corporate email. This email may be assigned to an:

  1. Individual (e.g. employeename@isth.org.ng)
  2. Position (e.g. cmac@isth.org.ng)
  3. Department (e.g. hr@isth.org.ng).

Policy elements

Corporate emails are powerful tools that help staff in their jobs. Staff should use their corporate
email primarily for work-related purposes. However, we want to provide staff with some freedom to
use their emails for personal reasons.
Definition of appropriate and inappropriate use
Inappropriate use of organization email
Our staff represent our organization whenever they use their corporate email address. 

They must:
  1. NOT sign up for illegal, unreliable, disreputable or suspect websites and services.
  2. NOT send unauthorized marketing content or solicitation emails.
  3. NOT register for a competitor’s services unless authorized.
  4. NOT send insulting or discriminatory messages and content.
  5. NOT intentionally spam other people’s emails, including their coworkers.
  6. Finally, our organization has the right to monitor and archive corporate emails.
Appropriate use of corporate email

Staff are allowed to use their corporate email for work-related purposes without limitations. For
example, staff can use their email to:

  1. Communicate with current or prospective customers and partners.
  2. Log in to purchased software they have legitimate access to.

  3. Give their email address to people they meet at conferences, career fairs or other corporate events for business purposes.

  4. Sign up for newsletters, platforms and other online services that will help them with their

jobs or professional growth.

Staff are allowed to use their corporate email for some personal reasons. For example, staff can use
their corporate email to:

  1. Register for classes or meetups.
  2. Send emails to friends and family as long as they don’t spam or disclose confidential
  3. Download ebooks, guides and other content for their personal use as long as it is safe and appropriate.

staff must adhere to this policy at all times, in addition to the National Confidentiality and Data Protection Guidelines.

Email security

Email is often the medium of hacker attacks, confidentiality breaches, viruses and other malware.
These issues can compromise our reputation, legality and security of our equipment.

To ensure adequate security, staff must:

  1. Change their passwords from the default password given by the service provider before
    activation of the email account.
  2. Select strong passwords with at least eight characters (capital and lower-case letters,
    symbols and numbers) without using personal information (e.g. birthdays.)
  3. Not share their password with other staff or non-staff members.
  4. Remember passwords instead of writing them down and keep them secret.

  5. Change their email password every two months.
  6. Always be vigilant to catch emails that carry malware or phishing attempts.
We instruct staff to:

  1. Avoid opening attachments and clicking on links when content is not adequately
    explained (e.g. “Watch this video, it’s amazing.”)
  2. Be suspicious of clickbait titles.
  3. Check email and names of unknown senders to ensure they are legitimate.
  4. Look for inconsistencies or style red flags (e.g. grammar mistakes, capital letters,
    excessive number of exclamation marks.)
  5. Ask Hospital ICT Support if unsure an email they received is safe.
  6. Keep their anti-malware programs updated.
Email signature

We encourage staff to create an email signature that exudes professionalism and represents ISTH
well. Salespersons and executives, who represent ISTH to customers and stakeholders, should pay
special attention to how they close emails.

Here’s a template of an acceptable email signature:

(Employee Name)
(Employee Title), (Organization Name with link)
(Phone number) | (Organization Address)

Staff may also include professional images and work-related videos and links in email signatures. If
they are unsure how to do so, they can ask for help from Hospital ICT Support or their Supervisor.

Disciplinary action

Staff who don’t adhere to the present policy may receive a query and if found guilty may face
disciplinary action up to and including dismissal. Example reasons for initiating a query are:

  1. Using a corporate email address to send confidential data without authorization.
  2. Sending offensive or inappropriate emails to our clients, colleagues or partners.
  3. Using a corporate email for an illegal activity