Email Encryption for Sensitive Data

To ensure the security of sensitive email sent to recipients outside the ECU network, you are required to encrypt these messages by setting the confidentiality flag or using the [sendsecure] tag.

Encryption scrambles the message's text and prevents a hacker from intercepting and reading the message during transit. Recipients are only able to read the message but cannot forward, copy or print the email. Messages sent between ECU users on the ECU network are not encrypted.

Sensitive Email Examples

  1. Patient billing information sent to Vidant Medical Center
  2. Research data containing SSNs emailed to a research partner outside ECU
  3. Student records emailed to another university

See the sensitive information website to determine other data types considered sensitive.

Data Loss Prevention

ECU has implemented Microsoft's Exchange Online Protection (EOP) that includes a Data Loss Prevention (DLP) component. DLP scans outgoing email for certain "markers." For example, DLP may flag numbers formatted like a social security number: xxx-xx-xxxx. Since DLP cannot read the message but only filters for certain formatting, you must make the final decision for encryption. Visit the DLP page to learn how this works.

Encrypt an Email

Outlook 2013 and 2016

  1. Open a new email message.
  2. From the email's menu bar, click the bottom right arrow in the Tags section. The Properties dialog box opens.

    Outlook 2010/2013 Tags Menu
  3. From the Sensitivity drop-down menu, choose Confidential.

Encrypt a message using [sendsecure]

Type the words, [sendsecure] anywhere in the subject line of an email. Be sure to include the brackets. This method works for Outlook 2013, 2016 and Piratemail.


  1. Open a new email.
  2. From within the email, click the ellipsis (...) on the toolbar. Click Show message options...

  3. From the Sensitivity drop-down menu, choose Confidential.

back to the top

View an Encrypted Email

If you receive an encrypted email, click the Read the Message link and sign in with your Office 365 credentials or use a one-time code emailed to your Office 365 email account. Note that there is an expiration date for the secure email as well. If you reply or forward the message, each recipient is required to be signed in to Office 365.