To ensure the security of sensitive email sent to recipients outside the ECU network, you are required to encrypt these messages by setting the confidentiality flag or using the [sendsecure] tag.
Encryption scrambles the message’s text and prevents a hacker from intercepting and reading the message during transit. Messages sent between ECU users on the ECU network are not encrypted.
Caution: Encryption can only be set through the email system – information emailed through a copier is NOT encrypted. Therefore, first send the copied information to your email inbox, then send to the recipient using Option 1 or Option 2 below.
Sensitive Email Examples
- Patient billing information sent to Vidant Medical Center
- Research data containing SSNs emailed to a research partner outside ECU
- Student records emailed to another university
See the sensitive information website to determine other data types considered sensitive.
Data Loss Prevention
ECU has implemented Microsoft’s Exchange Online Protection (EOP) that includes a Data Loss Prevention (DLP) component. DLP scans outgoing email for certain “markers.” For example, DLP may flag numbers formatted like a social security number: xxx-xx-xxxx. Since DLP cannot read the message but only filters for certain formatting, you must make the final decision for encryption. Visit the DLP page to learn how this works.