Do you send and receive emails as part of your job? Yes? You are therefore responsible for ensuring that all emails you deal with in the course of your employment with the University are managed in line with the University’s Email Management Policy and allied internal policies - Information Security Policy, Data Protection Policy and Records Management Policy as detailed here.
What is the risk of a data breach occurring by email? High!
If you send personal data by email please STOP or REDUCE this practice URGENTLY! There is a high risk of breaching the Data Protection legislation (GDPR and DPA 2018) by doing this. There are other, easy to implement, ways of sharing personal data internally and externally – please contact your colleagues in Governance Services for more information. If you absolutely HAVE to send personal data externally by email please ensure attachments are password protected and emails encrypted (IS provides a free encryption service).
Email Management Guidance
Below is a list of the contents of the email management guidance with links. Links to discrete sections of the guidance are also available on the left hand menu. The complete email management guidance document (at the bottom of the page) also contains an index table at the end if you are looking for specific guidance.