Email security: sending personal data

Any personal data you send by email must be kept secure. Use our tips to help keep personal data safe in emails to make sure you’re doing everything you can in line with the UK GDPR to avoid a data breach, including 'phishing' scams.

Last reviewed on 5 May 2023
School types: AllSchool phases: AllRef: 34566
  1. How to comply with the UK GDPR
  2. Ideally, store data remotely
  3. If this isn't possible: keep personal data secure in emails

How to comply with the UK GDPR

Under the UK General Data Protection Regulation (UK GDPR), you should be doing everything in your power to prevent a breach of personal data. This includes ensuring the security of personal data you send by email – so you don't accidentally send personal data to the wrong recipient, for example.

There are no specific rules on how you must do this, but there are several practical measures you can take, which we outline below.

You can also read more about the UK GDPR and how you can audit your current data processing arrangements in our other articles.

Ideally, store data remotely

This is safer and will mean you can avoid sending data within emails or as attachments to emails, and simply direct people to the data