Introduction
We have introduced a more secure way to send personal or commercially sensitive information by email.
As a Council, we must comply with data protection regulations and make sure that when we share personal or commercially sensitive information, it is done so securely. Failure to do so can result in large fines and damage to our reputation.
Outlook Message Encryption (OME)
As of September 2021, we now use Microsoft’s Outlook Message Encryption (OME) for sending sensitive information by email. If you receive an email that we have classified as personal or commercially sensitive you will now need to access it using OME.
If you receive an email from us containing sensitive information it will be protected – that is encrypted or secured.
Clicking ‘Read the message’ will open the email in the OME web portal.
You may receive a notification that you’ve received a protected message and need to take additional action and sign in with a work or school account, or use a one-time passcode to verify your identity, particularly if you’re using a different email account or email program.
For more detailed guidance, please view the video below. The steps are demonstrated using a Gmail account but should be similar for other email providers. Different platforms are included in the video, you can find guidance on using a desktop computer at 00:39, Android mobile phone at 02:00 and Apple iPad at 03:23.
Please see How to read an encrypted email sent from Somerset County Council for more written step-by-step guidance.
If you are experiencing issues using the One Time Passcode (OTP) method of verification, we suggest following the steps below before getting in touch with the sender.
- If you haven’t received the OTP email after requesting it, check your junk mail box. If the OTP email isn’t in your inbox or junk mail, please speak to your ICT support and check it has not been blocked
- Use a Microsoft or Google account login as an alternative verification
Sending emails to us
Personal data sent to us will be managed and protected in accordance with current data protection legislation.
To make sure your email arrives safely with us, you may wish to consider the following measures.
- Double checking the email address you are sending to for spelling errors or typing mistakes. Our email addresses will finish with @somerset.gov.uk
- Applying encryption – if you have the ability to do so. We should be able to open most encrypted emails but will let you know if we have any difficulties
- Consider attaching sensitive information in a password protected document. The password can then be communicated to the correct officer in a phone call. Do not send the password in the same or a separate email
If you do not have the ability to apply encryption but are concerned about sending highly sensitive data, you may ask the person at the Council you are sending it to to send you an encrypted mail – marked ‘Personal Data’ – which you can respond to. Responding to an encrypted email will retain the protections.