To satisfy regulatory requirements, including but not limited to the Federal Trade Commission’s (FTC) Red Flag Rule, Payment and Credit Card Industry Data Security Standards, and the Health Insurance Portability and Accountability Act (HIPAA), the University requires all e-mail containing sensitive or confidential information, as defined by the Data Classification Policy, to be secured.

SecureMail is the University’s service for sending secured and encrypted e-mails. Encryption is a process that renders the contents of an electronic message or file meaningless to anyone not authorized to read it. The message is secured using a formula and key to hide the original message.

In general, any information about the operations of the University should be considered sensitive, whether it is about clinical, research, educational, or administrative activities. Health, education, or financial information associated with identifiable persons is considered particularly sensitive and protected by federal and private requirements (for example, FERPA, GLBA, HIPAA, PCI).

Currently, the University is in phase one, by which individuals must initiate encryption through a manual process. Phase two of this project, which will commence in approximately two weeks, will involve the application of rules that will automatically scan the content of e-mails and encrypt them based on content meeting the Red Flag Rules. It is imperative all employees familiarize themselves with this service. This is a joint effort by the Coral Gables campus and Medical IT departments. Read specific information relating to your campus:

Coral Gables campus employees click here.

Miller School campus employees click here.