Microsoft Email Encryption – Sending a Secure Message

Summary

Secure Email can be used to send electronic protected health information (ePHI) and any other sensitive emails in a secure manner. It is a means to protecting the University’s information as well as complying with legal requirements.

Body

How to Steps

Microsoft Email Encryption – Sending a Secure Message

University policy states that sensitive email must not be sent via unencrypted email. In addition, HIPAA regulations state that ePHI cannot be sent via email unless encrypted. Secure Email can be used to send electronic protected health information (ePHI) and any other sensitive emails in a secure manner. It is a means to protecting the University’s information as well as complying with legal requirements.

Sending an encrypted email using Outlook

If you are within a division or department of the University that has HIPAA/PCI regulatory responsibilities your outgoing email (email messages, you send off to non @creighton.edu addresses) is being scanned for HIPAA and PCI content.

Creighton has defined rules to automatically encrypt messages that meet certain criteria. For example, a rule that encrypts all messages sent outside of Creighton that mention specific words, phrases, SSN, or credit card numbers.

A second method to send encrypted messages would be to include the phrase “#secure” to the subject line.  This will automatically encrypt the message regardless of HIPAA or PCI content.

All attachments sent within the message will also be encrypted.

Sending an encrypted email using Jaydrop

Another option that can be used to send an encrypted message is through the Jaydrop portal.  Jaydrop can be accessed by going to https://jaydrop.creighton.edu and logging in with your Creighton Blue account. 

Fill in the necessary fields such as recipient (To), subject, and message body.  To add an attachment, simply drag and drop the file to the open box (Drop Files Here) on the right-hand side.

Jaydrop gives the sender an option to set an expire date on the message.  This means recipient will not be able to access message after expiration date.

 

 

 

If this article did not help, please review the Related Articles in the right hand column or select the Related Services / Offerings and choose Report an Issue or Problem to open a ticket with the myIT Service Desk.

 

 

Details

Details

Article ID: 503
Created
Mon 2/19/24 5:08 PM
Modified
Mon 11/18/24 3:06 PM

Related Articles

Related Articles (2)

University policy states that sensitive email must not be sent via unencrypted email. In addition, HIPAA regulations state that ePHI cannot be sent via email unless encrypted. Users outside of Creighton may receive an encrypted email (secure message) from someone at Creighton if it contains ePHI.
If you are within a division or department of the University that has HIPAA regulatory responsibilities your outgoing email (email messages you send off to non @creighton.edu addresses) is being scanned for HIPAA content.