Legal Templates
Email Security Policy

Email Security Policy Template for New Zealand

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Email Security Policy

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Email Security Policy

"I need an Email Security Policy for my fintech startup based in Auckland, with specific emphasis on protecting customer financial data and ensuring compliance with New Zealand's Privacy Act 2020."

Celebrated by
Collaborations with
Investors

What is a Email Security Policy?

The Email Security Policy serves as a critical governance document for organizations operating in New Zealand, establishing mandatory guidelines for secure email communications and data protection. This policy is essential for organizations seeking to protect sensitive information, maintain compliance with New Zealand's privacy laws, and establish clear protocols for email usage. The document addresses key requirements under the Privacy Act 2020, Harmful Digital Communications Act 2015, and other relevant legislation, while incorporating industry best practices for email security. Organizations should implement this Email Security Policy to establish clear guidelines for email usage, define security requirements, outline incident response procedures, and ensure consistent application of security measures across all email communications.

What sections should be included in a Email Security Policy?

1. Purpose and Scope: Defines the purpose of the policy and its applicability to different users, systems, and communications

2. Definitions: Key terms used throughout the policy including technical terminology and specific email security concepts

3. Email Usage Guidelines: General rules and requirements for appropriate email use within the organization

4. Security Requirements: Specific security measures required for email communications including encryption, authentication, and access controls

5. Password and Authentication: Requirements for email account passwords and multi-factor authentication

6. Data Protection and Privacy: Guidelines for handling sensitive information and personal data in compliance with the Privacy Act 2020

7. Prohibited Activities: Specific actions that are forbidden under the policy, including activities that could violate applicable laws

8. Incident Reporting: Procedures for reporting email security incidents and suspicious activities

9. Compliance and Enforcement: Consequences of policy violations and enforcement procedures

10. Review and Updates: Process for regular policy review and update procedures

What sections are optional to include in a Email Security Policy?

1. Remote Work Email Security: Additional security requirements for employees accessing email systems remotely

2. Mobile Device Email Access: Specific requirements for email access on mobile devices

3. Third-Party Email Services: Guidelines for using external email services or integrating with third-party email systems

4. Email Retention and Archiving: Specific requirements for email retention, particularly relevant for organizations subject to the Public Records Act

5. Legal Holds: Procedures for implementing legal holds on email communications during litigation or investigations

What schedules should be included in a Email Security Policy?

1. Approved Email Systems and Software: List of approved email clients, security software, and encryption tools

2. Incident Response Procedures: Detailed procedures for handling different types of email security incidents

3. Email Security Best Practices: Detailed guidelines and best practices for secure email usage

4. Training Requirements: Required security awareness training modules and frequency

5. Compliance Checklist: Checklist for evaluating compliance with the email security policy

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant Industries

Technology

Financial Services

Healthcare

Government

Education

Legal Services

Professional Services

Manufacturing

Retail

Non-profit Organizations

Telecommunications

Relevant Teams

Information Technology

Information Security

Compliance

Legal

Human Resources

Risk Management

Privacy

Operations

Corporate Communications

Training and Development

Relevant Roles

Chief Information Security Officer

IT Director

Security Manager

Compliance Officer

Privacy Officer

IT Administrator

Systems Administrator

Network Engineer

Information Security Analyst

Risk Manager

Data Protection Officer

Human Resources Manager

Legal Counsel

Chief Technology Officer

IT Security Specialist

Industries
Privacy Act 2020: New Zealand's primary privacy legislation that governs how personal information should be collected, used, stored and disclosed, including through electronic communications
Harmful Digital Communications Act 2015: Addresses harmful digital communications, including those sent via email, and aims to prevent cyber-bullying and other forms of online harassment
Unsolicited Electronic Messages Act 2007: Regulates commercial electronic messages (including emails) and prohibits spam, requiring consent for commercial messages
Contract and Commercial Law Act 2017: Contains provisions about electronic transactions and the legal validity of electronic communications in New Zealand
Public Records Act 2005: Relevant for public sector organizations, governing the creation, maintenance and disposal of public records, including electronic communications
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Audit Log Policy

An internal governance document outlining audit log requirements and procedures for organizations operating in New Zealand, ensuring compliance with local privacy and record-keeping legislation.

find out more

Security Logging And Monitoring Policy

A comprehensive policy document outlining security logging and monitoring requirements for organizations operating under New Zealand jurisdiction, ensuring compliance with local privacy laws and security standards.

find out more

Phishing Policy

A New Zealand-compliant policy document outlining organizational procedures and requirements for preventing and responding to phishing attacks.

find out more

It Security Audit Policy

A New Zealand-compliant policy document establishing requirements and procedures for conducting IT security audits, aligned with local privacy laws and international best practices.

find out more

Consent Security Policy

A New Zealand-compliant policy document establishing secure practices for consent management under the Privacy Act 2020 and related legislation.

find out more

Email Security Policy

A comprehensive email security policy document for New Zealand organizations, ensuring compliance with local privacy laws while maintaining robust email security measures.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.