(a) Each public postsecondary institution in Arkansas shall adopt a privacy policy governing electronic communications transmitted over the institution's computer network system that are originated or received by a faculty member, staff member, or a student.
(b) No later than January 1, 2004, the computer policy shall be included in each institution's student handbook and shall be available on each institution's website.
(c) The privacy policy shall include provisions identifying:
(1) The types of electronic communications that are not confidential;
(2) Methods to be used by the institution to protect the confidentiality of personally identifiable electronic communications that are originated or received by a faculty member, staff member, or a student;
(3) Procedures for releasing any confidential personally identifiable electronic communication that is originated or received by a faculty member, staff member, or a student; and
(4) Any other information necessary for the institution's faculty, staff, and students to understand their rights and obligations under the policy.
(d) For purposes of this section, “electronic communication” includes any electronic mail message transmitted through the international network of interconnected government, educational, and commercial computer networks and includes messages transmitted from or to any address affiliated with an Internet site.