Learn about what data can and cannot be sent with encrypted email
What type of data is acceptable for use with the Office 365 Encryption option?
The Office 365 encryption feature is suitable for use with data of most classifications, including Protected Health Information (PHI).
Types of data that should NOT be include in any email even if it's encrypted include:
- Social Security Numbers. For more information on the use of SSNs at the university, please see: https://www.ssn.uillinois.edu/
- Export controlled information
Extreme care must always be taken when emailing high risk and sensitive data. Prior to sending, the sender MUST ensure that the recipient has the right to receive the data being sent and that the minimum amount of data is sent.
It is important to remember that:- even though the data is encrypted in transit and at rest with the Office 365 encryption feature, if the data is sent to the wrong person, that wrong person will still be able to view it;
- if your credentials are compromised, the attacker logging in with your password will be able to view your encrypted emails. For this reason, you should limit the amount of sensitive information placed in email.