📧 Protecting Data: Double-Check Recipient Emails

As your DPO we are committed to safeguarding sensitive information and ensuring data security within your school or trust, we’d like to provide a friendly reminder regarding email communication.
Please share this information with other schools in your networks to help them safeguard their data too.

Protecting Data: Double-Check Recipient Email Address

In our digital age, email remains a primary means of communication. However, with the convenience of email comes the responsibility to ensure that sensitive information is shared securely and confidentially.
 

The Reminder

Before hitting that “Send” button, please take a moment to double-check the recipient’s email address. An unintended typo or an autofill error can lead to an accidental data breach, potentially compromising sensitive student, staff or school data.

 

Key Steps

  1. Verify Recipient:
    Confirm that the email address you intend to send to is the correct one. That quick check could prevent an embarrassing data breach for your school or trust.
  2. Use Bcc for Bulk Emails:
    When sending emails to multiple recipients who do not need to see each other’s addresses, use the Bcc (Blind Carbon Copy) field to maintain privacy. A good example of this is if emailing a group of parents.
  3. Encryption:
    For particularly sensitive information, consider encrypting the email, or password-protecting documents as a minimum.
  4. Secure File Sharing:
    Avoid emailing files where possible. Use secure file sharing, especially when sharing files internally. Save files in a shared area on either your internal server or in the cloud (depending on your organisation) and update the shared document.
  5. Report Suspicious Emails:
    If you receive an email that appears suspicious or looks like a phishing attempt, please report it to your IT support immediately.
    Suspicious emails can also be reported to the National Cyber Security Centre’s (NCSC) suspicious email reporting service (SERS) by forward them directly to report@phishing.gov.uk.
  6. Awareness and Training:
    Stay updated on your data protection and security policies, and participate in any relevant training or awareness programs offered by your school or trust.

Please following these guidelines to ensure the integrity of your data and protect your students and staff.

If you have any other questions about this or any other data protection topic, please contact us at DPO@schoolpro.uk.

Stay safe and healthy,

The SchoolPro TLC Team

SchoolPro TLC Ltd (2024)

SchoolPro TLC guidance does not constitute legal advice.

SchoolPro TLC is not responsible for the content of external websites.