Email Best Practices: Protecting Sensitive Information

Effective email communication is essential in our daily operations, but it’s equally important to follow best practices to protect sensitive information and maintain compliance with PCI (Payment Card Industry) and PII (Personally Identifiable Information) standards.

Avoid Using Names in the Subject Line

When sending emails, do not include anyone’s name in the subject line. This helps protect privacy and ensures that sensitive details are not immediately visible. Instead, use general descriptors or relevant topics while keeping the subject concise and professional.

Encrypt Emails Containing Personal Information

If you need to send an email that contains personal or sensitive information, it must be encrypted to comply with PCI/PII requirements. Since we use Outlook, follow these steps to encrypt your message:

For Outlook Desktop App:

1. Compose a new email as you normally would.

2. Click on the Options tab.

3. Select Encrypt and choose “Encrypt-Only” or “Do Not Forward” depending on your security needs.

4. Complete your email and send it.

For Outlook on the Web (OWA):

1. Start a new email.

2. At the bottom of the message, click on the “...” (More options) button.

3. Select Encrypt and choose the appropriate encryption setting.

4. Send your email securely.

By following these simple steps, we can ensure that sensitive information is properly protected and that our company remains compliant with industry standards. Thank you for your attention to these best practices!