Skip to Page Content

Stories

Email policy prevents sharing of health, financial data

Tuesday, November 13, 2018

Effective December 1, stricter policies will be put in place in Office 365 to help prevent the sharing and storing of sensitive and restricted data via UGAMail and OneDrive for Business.

Data Loss Prevention (DLP) polices already exist to prevent UGA students and employees from sharing Social Security Numbers over email.

Additional DLP policies will include controls for other Restricted Data types, such HIPAA ePHI data, credit card data, and bank account information. There will also be a control that prevents the sharing of Sensitive Student Records.

Beginning December 1, if you try to email messages or share files with any of these data types, you may be prevented from doing so. You may see a notification in your email client or web browser.

Examples of these notification include the following:

  • A notice in your web browser or email client, reading: Policy Tip: Your email message conflicts with a policy in your organization. To send this message without removing the information, you must first select Override. View details about the information that appears sensitive.
  • You may also receive an email notification, reading: Your email message could not be sent, due to a violation of UGA’s Data Loss Prevention Policy (DLP). Sharing sensitive or restricted data, such as Social Security numbers, HIPAA ePHI data, credit card data and bank account information via email or OneDrive for Business is prohibited at the University of Georgia. If you are not transmitting sensitive or restricted data and received this message in error, contact our Help Desk at 706-542-3106.
  • You may receive an email failed to send notice, if you are using Mac Mail or a mobile app to check your email. If you think your email has been flagged in error, try using the Outlook web client, available at ugamail.uga.edu, to send the email. 

If you believe you have not violated the DLP policy, you will be able to self-service report errors and override the DLP policy with a written justification. 

You can also contact the EITS Help Desk at helpdesk@uga.edu or 706-542-3106. 

If you need to share sensitive information, you can use SendFiles, an encrypted file service that allows you to securely share sensitive documents and large files online.