Employee Monitoring
E-mail monitoring has become increasingly complex, with changes in privacy type laws as well as employment law to consider. E-mails are covered by the legislation in RIPA and the Telecommunications Regulations, as well as the DPA and certain areas of employment law. Effectively you are allowed to monitor business e-mails provided that you have a policy for your employees stating that you do so and that you ensure your customer, clients and suppliers are aware that you may do so. The policy should make clear that you may open e-mails if the employee is away from the office. You are in a more difficult position with private e-mails which you are not allowed to open except in certain very limited circumstances.
If you are concerned about data theft or theft of confidential information, you should first make sure that your confidential information is kept in password protected files, in such a way that you know who has accessed them. You are allowed to monitor both business and personal e-mail - this means you can check who send to whom but not the content. You could therefore get specialized software to block out-going e-mails containing confidential information.
All employers should be wary of monitoring simply for the sake of it. Assess your risks and think through a proper policy so that you can show your monitoring is justified and appropriate and complies with the legislation. If you are unsure we are happy to help you put together a strategy and policy that works in practice but keeps you within the law.