You are here:

Last reviewed on 27 May 2021
Ref: 34566
School types: All · School phases: All

Any personal data you send by email must be kept secure. Use our tips to help you keep personal data safe in emails to ensure you’re doing everything you can in line with the UK GDPR to avoid a data breach.

How to comply with the UK GDPR

Under the UK General Data Protection Regulation (UK GDPR), you should be doing everything in your power to prevent a breach of personal data. This includes ensuring the security of personal data you send by email – so you don't accidentally send personal data to the wrong recipient, for example.

There are no specific rules on how you must do this, but this article outlines practical measures you could take. You may want to introduce additional measures at your own discretion.

Read more about the UK GDPR and how you can audit your current data processing arrangements.

Ideally, store data remotely

This is safer and will mean you can avoid sending data within emails or as attachments to emails, and simply direct people to the

More from The Key


Bitesize training with a big impact

Our on-demand training has your whole board covered and lets them learn at a time and pace that suits them.

Help your new governors hit the ground running with our expertly-designed induction training, and our role-specific courses support your link governors develop key skills and confidence in their role.


New eLearning: DSL refresher training

Your DSL’s training should be refreshed at least once every 2 years. 

Designed in collaboration with safeguarding experts, our 2.5 hour online refresher training course reminds DSLs how to put their knowledge into practice, with in-depth, real-world scenarios.


The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.