Automatically Forwarded Email Policy

Version1.0.4 Last Updated2024-02-22 APPROVED

1. Overview

This policy outlines the guidelines and restrictions regarding automatically forwarding emails from AccuCode AI Inc. email accounts to external email addresses. The purpose is to prevent unauthorized or inadvertent disclosure of sensitive company information.

2. Purpose

The purpose of this policy is to ensure the protection of sensitive information processed by AccuCode AI Inc., including protected health information (PHI) from hospitals and clinics, and to prevent unauthorized disclosure of such information through automatically forwarded emails.

3. Scope

This policy applies to all employees, contractors, vendors, and agents operating on behalf of AccuCode AI Inc. It covers the automatic forwarding of emails from company email accounts to external email addresses.

4. Policy

  1. Employees are prohibited from setting up automatic email forwarding from their AccuCode AI Inc. email accounts to any external email address without prior approval from their manager and the Information Security (InfoSec) team.

  2. Sensitive information, as defined in the AccuCode AI Inc. Data Classification and Protection Policy, must not be forwarded via email to any external party unless it is critical to business operations and the email is encrypted in accordance with the AccuCode AI Inc. Acceptable Encryption Policy.

  3. Employees must exercise extreme caution when sending any email from an AccuCode AI Inc. email account to an external recipient, ensuring that no sensitive information is inadvertently disclosed.

  4. The InfoSec team reserves the right to monitor and audit email forwarding settings and to revoke any unauthorized email forwarding configurations.

5. Policy Compliance

5.1 Compliance Measurement

The InfoSec team will verify compliance to this policy through various methods, including but not limited to:

  • Periodic reviews of email forwarding configurations
  • Monitoring of email traffic
  • Internal and external audits
  • Feedback to the policy owner

5.2 Exceptions

Any exception to this policy must be approved by the InfoSec team in advance.

5.3 Non-Compliance

An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

6. Definitions and Terms

  • Email: Electronic mail, a method of exchanging messages between people using electronic devices.
  • SMTP: Simple Mail Transfer Protocol, a communication protocol for electronic mail transmission.
  • Forwarded Email: An email message that is automatically sent from one email account to another.
  • Sensitive Information: Information that is protected against unwarranted disclosure and includes PHI, financial information, and proprietary data.
  • Unauthorized Disclosure: The intentional or unintentional revelation of sensitive information to individuals who are not authorized to receive such information.