Effective email security
In an effort to prevent data breaches within the organisation, the Data Protection team would like to bring your attention to the following security methods that should be applied when sending emails with content of an OFFICIAL or OFFICIAL PROTECT nature.
Email classification
All emails should be classified dependent on its content. No email should be sent without classification as this can have a significant impact on the security of the content.
Classifications are as follows:
- PUBLIC
- OFFICIAL
- OFFICIAL PROTECT
Prepopulated recipients
When you use names on a regular basis, Outlook automatically populates your contact address. It is important you double check the populated name is the correct recipient.
Password protection
When sending documents containing personal and special category information, ensure these are password protected. This increases the security. If it goes to the wrong person, it can only be accessed by individuals who are authorised to have the password and have received this separately.
Stop, think, check, send
Before you send your email, you must always:
- think about what you are sending
- check who are you sending it to
- only include necessary recipients
- consider the use of BCC function (this is required for bulk emails)
- double check attachments to ensure they are correct and relevant
This is critical to ensure the council is compliant with legislation including the Data Protection Act 2018 and to reduce the risk to our residents and employees.
Published December 08, 2025
