There are three separate but related issues about the Clinton e-mail server:
1) Via her poor practices she put operational security at risk, demonstrating that she does not have the judgment to hold any position of responsibility or trust. (Though you might think that would be well-established after Iraq, Libya, and Honduras, a lot of people still don't seem to get it.)
2) She violated the spirit, and quite possibly the letter, of federal records retention laws, demonstrating that she has little regard for transparency or oversight.
3) She may have violated laws regarding the handling of classified information.
Hillary Clinton disregarded State Department cybersecurity guidelines by using a private email account and server, an internal audit found Wednesday. Her staff twice brushed aside specific concerns that she wasn't following federal rules.