1. Home
  2. Main Articles
  3. Group Email Good Practice
Menu

Group Emails Good Practice

This article serves as a comprehensive guide on best practices for sending group emails with external recipients. Email is a fast and efficient way of communicating information, but errors in sending emails can lead to inadvertent disclosure of information, which is a leading cause of data breach incidents within organisations. This guide aims to provide practical advice on how to avoid such errors and ensure that email communication remains secure and effective.

Good Practice Guide for sending group emails with external recipients
Email provides a fast and efficient way of communicating information. However, errors when sending an email which result in the inadvertent disclosure of information are one of the leading causes behind data breach incidents reported within organisations and to the Information Commissioner.

  1. Sending group emails - If you are sending an email to several recipients and either you do not want each recipient’s email address to be visible to all other recipients or there are personal / external emails that should not be visible to all other recipients, you should insert the recipients’ email addresses into the ‘BCC’ rather than the ‘to’ or ‘CC’ fields.
  2. Distribution lists - have processes in place such as discrete distribution lists, checklists and even asking a colleague to review your email to confirm that everything is in order before clicking ‘send’. If you do use a distribution list, make sure to review it regularly for accuracy and that it only contains recipients who require the information.
  3. Double check email recipients - the main reason for emails being sent in error is simple human error. So, while it may sound simple, the main way to prevent data breaches when using email is to be careful and pay attention.
    For example, when checking the recipients of an email, double click on a recipient’s name as displayed in the ‘to’, ‘CC’ or ‘BCC’ fields so that their full email address is visible. Then confirm if this is the address that you are intending to use.
  4. Setting a delay rule - consider creating a rule which delays Outlook from sending an email for between two to five minutes after you have clicked ‘send’. This would allow you to go into your Outbox and change or delete the email if you do find an error after you have clicked ‘send’.  If not setting a delay rule, consider saving to drafts and revisiting a few minutes later with fresh focus.
  5. Recall – the recall functionality does not work out with the Council network therefore you must not try to recall an email that has external recipients as this will not recall the email and will only re-send the original email to all recipients.
  6. Email threads - be careful when forwarding emails with multiple conversations, also known as ‘email threads’. There is a risk that more information than is necessary will be disclosed to a recipient where you forward the entire email thread. If an email thread is too long or contains information that the sender doesn’t need to know, consider alternatives, such as drafting a new email.

In conclusion, while email remains a vital tool for communication, it is imperative to follow best practices to prevent data breaches and ensure confidentiality. By using techniques such as BCC for group emails, double-checking recipients, setting delay rules, and carefully managing email threads, you can significantly enhance the security and effectiveness of your email communications. Remember, attention to detail and adherence to these guidelines will protect the council from inadvertent disclosures and maintain the integrity of your information.

Rate this Page