UC San Diego SearchMenu

Email Encryption Overview

Learn about email encryption at UC San Diego, including UC San Diego Health.

Secure email

Email encryption is a security measure to encode, or scramble, a message so that only the recipients with the key (code) can unscramble and read the message.

Proofpoint Email Encryption

UC San Diego, including UC San Diego Health, has deployed Proofpoint Email Protection to provide protection of certain sensitive information when sent via email from the UC San Diego network to external recipients. The information below outlines how to use this system.

For more information about Proofpoint, see

Frequently Asked Questions

Expand all

What sensitive information should be encrypted?

Anyone who sends sensitive information to external (outside of UC San Diego) recipients must use encryption.

In the course of the academic mission and day-to-day administration, UC San Diego handles large amounts of personal data. Much of this data is not sensitive and is, in fact, publicly available. However, some of it is sensitive, including personal, financial, medical, and legal information.

Prominent examples of data protected by federal and state laws, university policy, and our general recommendations follow. (Context can play a role in data sensitivity so this list is not exhaustive):

  • Do not send the following over encrypted or unencrypted email:

    • Credit card numbers
  • You must encrypt:

    • Health and Medical information that contains any of the 18 specific identifiers
    • First name or first initial and last name in combination with any one or more of the following data elements:
      • Social Security Numbers
      • Driver's license number or California identification card number
      • Account number, debit card number, in combination with any required security code, access code, or password that would permit access to an individual's financial account
      • Medical information
      • Health insurance information
    • A user name or email address, in combination with a password or security question and answer that would permit access to an online account.
  • We suggest you encrypt:

    • Student record information (FERPA)
    • First name or first initial and last name in combination with any one or more of the following data elements:
      • Passport numbers
      • Foreign visa numbers
      • Mother’s maiden name
      • Birth month, day and year
      • Biometrics (fingerprint, retina scan, etc.)
    • Sensitive HR and employee information

I use an encrypted method of communication with external customers already, should I use this method instead?

No, please consult your local IT personnel for guidance.

How do I send an encrypted email?

How do recipients un-encrypt an encrypted email?

Can I send an encrypted email to someone within UC San Diego?

This method of encryption can only be used between external recipients and your UCSD email account. If you have a need for end-to-end encryption, please contact the ITS Service Desk or the Health IS Service Desk.

What part of the email is getting encrypted?

The message body and attached files will be encrypted. Note that the subject line is not encrypted.

Is the information I send with email encryption secured on my computer?

Information and files stored on your computer and in your sent items folder are not encrypted unless you are taking additional action to do so. Consult with your local IT security personnel for advice and detail.

How can I securely forward an encrypted message I received?

To forward an encrypted message, the first recipient must initiate a new email message and mark it "secure:" in the subject line. Note, if a recipient just forwards a secured message, the new recipient(s) will not be able to decrypt the message.

When does my message get encrypted?

The Proofpoint Secure Email system is designed to encrypt messages to external recipients. If you initiate an encrypted message, it will be encrypted as it leaves the UC San Diego border email gateways.

How do I know if encryption has been enabled for my account?

Send an encrypted test message to your personal external email account. Verify that that the message was encrypted. If the message was not encrypted, please contact the ITS Service Desk for troubleshooting.

Can I be offline and open encrypted emails?

No, you must have access to the Proofpoint Secure Email.

Expand all