Secure Messaging and Encryption

In addition to ensuring that one's device is encrypted, students must select an email encryption option if sending PHI or other confidential information to an external recipient.

To activating the email encryption option:

• Microsoft Exchange users should include the word [secure] within square brackets in the subject line of the message. The recipient will be asked to self-enroll when the message is opened. The secure send mechanism can be used in any email client (e.g., Outlook, Outlook Web Access, smartphone).

• Google Apps users should install the Virtru add-on to the browser and/or device (go to http://www.virtru.com for instructions). When composing a message, select the “Virtru Protection is on” option.

Spam and Inappropriate Use of Messaging Tools

ISMMS systems, including email, are intended for official business use. Inappropriate use may result in disciplinary actions and loss of access privileges. Unsolicited mass emailing of materials not related to school business is considered spam and may result in the loss of access privileges.

Student Privacy, Secure Email, and Phishing

Students should remember to take care when opening attachments or following links contained in email messages. Students should verify with the sender of the message if receiving an unexpected attachment or an email that contains suspicious links. Students should be especially cautious of emails that have been quarantined. Unless one is expecting a quarantined message, students should not release the email.

Students should also take care with any messages that ask you to provide private information (e.g., birthdays, social security number, credit card numbers, user account passwords). These messages might actually be phishing attempts by persons pretending to be from legitimate companies or organizations. When in doubt, students should contact the party requesting the information for confirmation. Users should not rely on the contact information contained in the email but use the contact information typically found on the company website or on the back of a bank or credit card.