You should treat e-mail messages the same way you treat paper correspondence. An e-mail message is a record if it documents the APHIS mission or provides evidence of an APHIS business transaction and if you or anyone else would need to retrieve the message to find out what had been done or to use it in other official actions.
Yes, you should apply the standard described above to both incoming and outgoing e-mail. The reason is that both sender and recipient of e-mail messages have the responsibility to document their activities and those of their organizations. Both the sender and the recipient have to determine whether a particular e-mail message is a necessary part of that documentation.
Yes, in certain circumstances. They are similar to e-mail messages; that is, if the messages are needed to substantiate your work, you must treat them the same way you would any e-mail record. You need to capture the text of the message, as well as who the message is to/from and the date and time. Also, because of the informal and sometimes cryptic nature of IM, it may be necessary to transcribe or capture the message in another format much as you would for a telephone conversation or other verbal communication if it is needed to document your activities. And finally, it is important to be careful if you use a non-APHIS IM product to communicate with external users because it could result in unauthorized disclosure of information.
It depends. Different copies of the same message may be records. If you take any official action related to a message, and if the message is needed for adequate and complete documentation of the action, the message would be a record in your office regardless of whether copies are retained elsewhere. If the record is in your office's official files, then your copy is not a record, and you may delete it. If you receive a message only for information and do not take action related to it, your copy would not be a record.
Yes, these guidelines apply to APHIS contractors and other agents as well as APHIS employees. Contract terms should ensure that contractor systems satisfy legal requirements for creating and maintaining adequate and complete records of APHIS transactions when those transactions are carried out by contractors.
The basic requirements that apply to all records apply to e-mail records as well. However, there are some specific requirements for records made or received through e-mail. You should make sure that:
Yes, you do. If a message qualifies as part of the documentation of your activities, you need to make sure that related items that provide context for the message are maintained as well. This includes attachments. You would keep them under the same conditions that you would if they were paper attachments to a paper memo or incoming letter.
The requirement is to create and maintain an understandable record documenting activities. Some replies to e-mail messages contain enough information from the original message that they can stand on their own, but most do not. The simplest way to ensure understandability of e-mail messages that will become part of the record is to incorporate the original message in any reply and maintain them as a unit. If e-mail is sent back and forth and the most recent message has the entire sequence of messages, you need to keep only the final message (including the previous messages and replies) as long as it also contains attachments and other data such as the sender, receivers, date, and time that are necessary for a complete record.
Delete e-mail that is not a record when no longer of use.
Yes, e-mail is subject to FOIA, and its release is subject to the same FOIA exemptions that apply to other Agency records.
If you receive e-mail containing sensitive information, apply the same standards and precautions to the e-mail containing sensitive information as you would to the same information in any other medium. However, you should not use the e-mail system to transmit messages that contain confidential business information, information covered by the Privacy Act, or other sensitive information.