CUMC Home | Columbia University | Jobs at CUMC | Contact CUMC | Find People
     
Columbia University Medical Center logo,  Columbia University Medical Center Information Technology
For support: call extension 5-Help (212-305-4357) or email us
 
 
Encryption
 

Secure Email Gateway

Secure Email service is provided to all using the CUMC email system to assist the organization in meeting IT security compliance and regulatory requirements. The Secure Email service encrypts messages and attachments sent to external recipients such as Gmail, Yahoo, etc. or other non-Columbia institutions and companies. This service should not be used for internal communication, for example, emails sent to CUMC, columbia.edu or med.cornell.edu; note that NYP now requires Secure Email for messages containing PHI/PII or other sensitive data sent from a CUMC address.

Secure Email meets encryption requirements for confidential or sensitive data sent outside of internally protected email systems - addresses other than those ending in @columbia.edu, @cumc.columbia.edu, and @med.cornell.edu. Do not use another program to encrypt or password protect attached files, see Email Use Requirements for details.

Sending an Encrypted Email
  1. To send messages using the Secure Email Gateway, you must have a CUMC IT Exchange email account. These end in @cumc.columbia.edu.
  2. Compose your message as usual, with the following at the very beginning of the email's Subject line:
    #encrypt

    Secure Email with #encrypt for Subject line

    After typing #encrypt you can add more to the end of the Subject line if desired.
  3. When ready send the message as you normally would.
Receiving an Encrypted Email
The following instructions are for recipients of an Encrypted Email message (i.e. those with a non-institutional email address such as gmail.com, etc.)
  1. The recipient will see the following when they first open the message:

    CUMC Encrypted Message

    • Selecting the SecureMessageAtt.html attachment (or links to View or Download it), or the Click here link in the middle of the message or will open a new browser window with a Click to read message button.
    • The message may take one to two minutes to be able to be viewed; if you see a "session timeout" message, wait a few minutes and select the Click here link to try again.
    • A More Info link below the Click to read message button will open instructions on using CUMC secure email.
  2. Select the Click to read message button; another browser window will open with a a prompt to register or login:
    • If you have not used the CUMC Encrypted Email site for your email address before, a Registration window will appear. Fill out the form with your First and Last Name, then select a Password for the Encrypted Email site.

      Registration Window for CUMC Encrypted Email Password

      Information on password requirements (must be 7-20 characters long, at least one digit is required, and the username cannot be part of the password) are shown when your cursor is in the Password or Confirm Password fields.
    • If you have used the CUMC Encrypted Email site before you will be prompted to login. Type in the Password you had already selected for the Encrypted Email site and click Continue.

      CUMC Encrypted Email Login Window

      If you cannot remember your password for the Encrypted Email site see below for help.
  3. After successful registration or login, the browser will show the full message. In some cases you may be prompted with a Click to read message button again and can click it to continue.

    Encrypted email shown in web browser

    • Please note that you are not permitted to CC (copy) the email to external addresses other than the sender's domain (@cumc.columbia.edu in the above picture), or other CUMC related domains: @med.cornell.edu, @columbia.edu and @cumc.columbia.edu.
    • You can use the Reply or Reply All links to the upper left of the message to respond to the sender and others copied in the message. Replies and any attachments are secure.
  4. Select the Logout link in the upper right corner of the message window when done.
NOTE: The Click here link in the original message expires after 7 days. To view the message after this, select the option to Download the "SecureMessageAtt.html" attachment.

Encypted Message Expiration

Login and Password Issues
  1. The Secure Email portal allows 8 incorrect password attempts before the account is locked. It will remain locked for one minute, after which you may try again or request a password reset.

    Encrypted Email Account Locked Message

  2. Select the Forgot Password link in the lower right of the login screen to have a password reset request sent to your email address.

    Encrypted Email Forgot Password link

  3. After a few moments you will receive a password reset email. Select the link in the message to reset your password for the CUMC Encrypted Email site.

    Encrypted Email Password Reset Message

    Note that the reset link can only be used once and will expire after 30 minutes.
  4. The link will open a browser window prompting to enter a new password for your account. Type in your desired password in both the New password and Confirm password fields, then select Continue.

    Encrypted Email New Password form

If you are not able to successfully reset your password please send an email to CUMC IT support at 5help@columbia.edu from the email account that received the secure message.

| TOP |

Last updated 8/28/2015