Data Privacy and Skills in Using Email

In our daily work, email service has become an indispensable communication tool and it is one of the major communication tool for personal communication as well. Hence, email security is a major concern for organizations and individuals alike. Despite these concerns, external attacks such as telecommunications fraud and malware attacks are on rise. Although user’s information security awareness is increasing, the possible problems arising from the use of email cannot be ignored. In particular, for any job that involved personal data, one must handle it with special attention and care. To further enhance users’ skills in using email securely, here are some security tips:

• Before sending an email, please review the email contents, attachments, and the recipients’ email addresses;
• Before replying to email, you must confirm the identity of the sender. Do not reply to the email casually. For those emails that involve sensitive contents such as money, personal information or account password, etc., please pay special attention;
• Before forwarding emails, please check whether the email content, which include attachments and contents of reply history, is suitable for forwarding. You can also consider extracting some necessary contents instead of forwarding the entire email. Do not arbitrarily forward unconfirmed contents, so as not to spread the rumours;
• Do consider carefully the necessity of mass emailing and make good use of email system resources. For more details, please refer to the “Guidelines for Mass Email and E-mail Groups“;
• Please consider using “Reply to all”. It may cause unnecessary distortion for those who may not be concerned;
• Make good use of Bcc., to ensure that the recipients are not allowed to see each other’s email addresses, thus protecting the privacy of each recipient;
• Note the email contents and attachments. Do not send large contents or attachments, especially personal information. If it contains sensitive contents, you must consider whether it is suitable for transmission via email. In addition, the use of email must also comply with the policies of the University and existing local laws and regulations, as well as other laws that may need to be complied in other jurisdictions. (Please refer to the reference information);
• Do not rely on “email recall”! Actually, the email recall is a facilitating function that can only minimize the impact, but it cannot guarantee recalling the email 100% successfully.

In addition, users can get used to writing emails before filling in the recipients’ email addresses, so as not to send unfinished emails by mistake. If you need to select an email address from the contacts, be careful when selecting an email address as some email addresses may look similar.

* Reference information

• 1. Office for Personal Data Protection, Macao
  2. Personal Data Protection Act, Macao
  3. Privacy Policy, UM
  4. Guidelines for Handling Confidential Information, UM
  5. Acceptable Use Policy on ICTO Computing Facilities Campus Network and Internet
  6. Guidelines for Mass Email and E-mail Groups
  7. How can I identify a phishing, fake email and websites?
  8. What you need to know about EU General Data Protection Regulation?
  9. Data Privacy in an Era of Compliance
  10. Other Information Security Tips

Should you have any enquiries, please feel free to contact our Help Desk.