What Can Be Sent Via Email
Regular email is not a very secure communication method, and thus it is not appropriate to send some types of sensitive information via email. This article is for Pacific faculty and staff to know what it is appropriate to send via email. More secure alternatives are also listed.
Student and Employee Records
Yes, it is okay to communicate low risk information about students, employee, alumni, parents, and friends (including FERPA protected educational records), with appropriate individuals, via email. However, avoid sending files that contain the records of large numbers of students or employees (e.g. a spreadsheet of names, emails, grades). Avoid sending information that could be used for identify theft, such as date of birth. Never send Social Security numbers via email.
Patient Health Information
No, it is not acceptable to send patient protected health information via normal email. Please refer to the General Guidelines to Secure Protected Health Information Policy for more information.
No, it is not acceptable to send passwords via email. Also, note that current university policy states that you should never share your password with anyone.
Credit Card Numbers
No, it is not acceptable to send credit card numbers via email.
More Secure Communication Methods
Files that contain sensitive information can be uploaded to an appropriate Box folder and then that file can be shared. Individuals with Box accounts (including any Pacific student, faculty or staff, or anyone else who signs up for a free Box account) can be added as a collaborator to that folder. Alternately, a share link can be generated that gives access to the file. When creating the link, one can specify that the link should only work for Pacific accounts (the “People in your company” option) or one can create a password required to utilize the link (which can then be shared via phone with the correspondent).
All faculty and staff can send emails in a way that causes them to be encrypted, but only to email accounts outside the university employee email system. Student accounts cannot originate encrypted emails. See our knowledgebase article How to Use Faculty/Staff Email Encryption for more information.
Email is a very important tool that is used daily by nearly everyone at Pacific. However, it's also the leading cause for security incidents. Before hitting send, think about the impact it would have if you accidentally send the information in the email to the wrong person. If the message would be of concern for the person whose information you are sending, you probably should consider using a more secure method of sending it.
- Survey and Data Gathering Options – Lists secure methods of soliciting files or information.
- File Storage Options – Lists what options for online file storage are acceptable for different types of secure information.