Start a conversation

Sending Encrypted Emails

Email encryption provides an additional layer of security when sending an email. Email encryption is available to anyone with an FBRI email account. Email encryption converts the message and any attachments into unreadable cipher text. Only the recipient will be able to view the message in a secure browser window.  (NOTE: emails that are encrypted will NOT be encrypted or changed in your sent items.)

Click here to learn how to read an encrypted message if you have received one.  

FACULTY / STAFF, this article describes using the FBRI mail system for sending protected / encrypted messages.  YOU CAN ALSO USE THE VT EXCHANGE ONLINE SYSTEM TO SEND AND PROTECT SENSITIVE INFORMATION VIA EMAIL (FERPA, PII, ePHI).

When should I use email encryption?

You should encrypt emails whenever you send confidential data to anyone outside the FBRI email system.  

What confidential data should I encrypt?

Confidential data includes high and moderate risk data. Important examples of confidential data you should encrypt when transmitting over email include:

  • Social Security numbers
  • Protected health information (PHI | HIPAA)
  • Clinical trial data
  • Credit card numbers
  • Grades for assignments and courses
  • Trade secrets
  • Disciplinary records
  • Salary and tax records

These are a few examples of confidential data. 

How do I send an encrypted email? 

There are two ways:
1. Manually: The way to force an email to be encrypted when sent is to include the word 'ENCRYPT' in the subject of the message.  For example, use a subject line similar to:

'ENCRYPT: Here is the clinical trial data you asked for'

Once sent, our secure mail gateway will intercept the message, encrypt it, and send the recipient(s) a secure link where they may be able to retrieve  the message.  

2. Automatically:  The secure mail gateway will use data analysis on outgoing messages looking for data patterns to determine if they should be encrypted.:

  • Credit Cards - Messages sent through the Barracuda Email Security Gateway containing recognizable Master Card, Visa, American Express, Diners Club or Discover card numbers will be subject to the action you choose.
  • Social Security - Messages sent with valid social security numbers will be subject to the action you choose. U.S. Social Security Numbers (SSN) must be entered in the format nnn-nn-nnnn or  nnn nn nnnn
  • Privacy - Messages will be subject to the action you choose if they contain two or more of the following data types, using common U.S. data patterns only: credit cards (including Japanese Credit Bureau), expiration date, date of birth, Social Security number, driver's license number, street address, or phone number. Phone numbers must be entered in the format  nnn-nnn-nnnn or  (nnn)nnn-nnnn or  nnn.nnn.nnnn .
  • HIPAA - Messages will be subject to the action you choose if they contain TWO of the types of items as described in Privacy above and ONE medical term, or ONE Privacy item, ONE Address and ONE medical term. So, for example, a U.S. Social Security Number (SSN), a street address, and one medical term is enough to trigger the HIPAA filter. 
    Note: For a list of sources of medical vocabulary used by the HIPAA dictionary, see Medical Dictionary Source for DLP HIPAA Compliance


FACULTY / STAFF, this article describes using the FBRI mail system for sending protected / encrypted messages.  YOU CAN ALSO USE THE VT EXCHANGE ONLINE SYSTEM TO SEND AND PROTECT SENSITIVE INFORMATION VIA EMAIL (FERPA, PII, ePHI).

Choose files or drag and drop files
Was this article helpful?
Yes
No
  1. Jed Krisch

  2. Posted
  3. Updated

Comments