CUMC Home | Columbia University | Jobs at CUMC | Contact CUMC | Find People
For support: call extension 5-Help (212-305-4357) or email us

Secure Email Gateway

Secure Email service is provided to all persons using the CUMC email system to assist the organization in meeting IT security compliance and regulatory requirements. The Secure Email service encrypts messages and attachments sent to recipient addresses that are not part of an Approved OHCA Email System. Note that due to the move of account space to LionMail, these accounts are not an Approved OHCA Email System. Secure Email should not be used for internal communication, for example, emails sent to CUMC, NYP, or For more information on approved systems please see this FAQ.

Secure Email meets encryption requirements for confidential or sensitive data sent outside of internally protected email systems - addresses other than those ending in,, and Do not use another program to encrypt or password protect attached files, see Email Use Requirements for details.

If you are unsure whether an email message or attachment being sent outside of internally protected email systems contains Sensitive Data, you must contact your supervisor or the Office of HIPAA Compliance before initiating the email communication.

Sending an Encrypted Email
  1. To send messages using the Secure Email Gateway, you must have a CUMC email account. These end in
  2. Create your message as usual but put #encrypt at the beginning of the email's Subject line:
  3. Secure Email with #encrypt for Subject line
    After typing #encrypt you can add more to the end of the Subject line if desired.
  4. Email messages containing EPHI must include the following confidentiality notice:
    This electronic message is intended to be for the use only of the named recipient and may contain information that is confidential or privileged. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of the contents of this message is strictly prohibited. If you have received this message in error or are not the named recipient, please notify us immediately by contacting the sender at the electronic email address noted above, and delete and destroy all copies of this message. Thank you.
  5. When ready, send the message as you normally would.
Receiving an Encrypted Email
The following instructions are for recipients of an Encrypted Email message (i.e. those with a non-institutional email address such as, etc.).
NOTE: See the Troubleshooting section below if a recipient using Internet Explorer 9 or earlier cannot view the secure email in their browser.
  1. The recipient will see the following when they first open the message:
    CUMC Encrypted Message
    • Selecting the SecureMessageAtt.html attachment (or links to View or Download it), or the Click here link in the middle of the message or will open a new browser window with a Click to read message button.
    • The message may take one to two minutes to be able to be viewed; if you see a "session timeout" message, wait a few minutes and select the Click here link to try again.
    • If a "cannot display this webpage" error appears in Internet Explorer 9 or earlier see the Troubleshooting section below.
    • A More Info link below the "Click to read message" button will open instructions on using CUMC secure email.
  2. Select the "Click to read message" button; another browser window will open with a a prompt to register or login:
    • If you have not used the CUMC Encrypted Email site for your email address before, a Registration window will appear. Follow the instructions for registering in the Troubleshooting section below.
    • If you have used the CUMC Encrypted Email site before you will be prompted to login. Type in the Password you had already selected for the Encrypted Email site and click Continue.
    • CUMC Encrypted Email Login Window
      If you cannot remember your password for the Encrypted Email site see the Troubleshooting section below for help.
  3. After successful registration or login, the browser will show the full message. In some cases you may be prompted with a "Click to read" message button – click it to continue.
    Encrypted email shown in web browser
    • Please note that you are not permitted to CC (copy) the email to external addresses other than the sender's domain ( in the above picture), or other CUMC related domains such as,, and
    • You can use the Reply or Reply All links to the upper left of the message to respond to the sender and others copied in the message. Replies and any attachments are secure.
  4. Select the Logout link in the upper right corner of the message window when done.
NOTE: The Click here link in the original message expires after 14 days. To view the message after this, select the option to Download the "SecureMessageAtt.html" attachment.
Encypted Message Expiration

Forwarding, Redirecting or Copying Electronic Mail

CUMC policy prohibits automatic forwarding, redirection, or automated delivery of email outside of the CU/Hospital OHCA environment. You are not permitted to CC (copy) the email to external addresses other than the sender's domain ( in the above picture), or other CUMC related domains:,, and


A. First-Time Registration

  1. The first time you attempt to retrieve an encrypted message, you will be redirected to a form used to register as a Secure Mail user. Fill out the form with your First and Last Name, then select a Password for the Encrypted Email site.
  2. Registration Window for CUMC Encrypted Email Password
  3. Information on password requirements (must be 7-20 characters long, at least one digit is required, and the username cannot be part of the password) are shown when your cursor is in the Password or Confirm Password fields.
  4. Hit Continue when you've filled out the entire form. This will complete the registration process and you will be brought back to a the message you are attempting to retrieve.

B. Password Issues

  1. The Secure Email portal allows 8 incorrect password attempts before the account is locked. It will remain locked for one minute, after which you may try again or request a password reset.
  2. Encrypted Email Account Locked Message
  3. Select the Forgot Password link in the lower right of the login screen to have a password reset request sent to your email address.
  4. Encrypted Email Forgot Password link
  5. After a few moments you will receive a password reset email. Select the link in the message to reset your password for the CUMC Encrypted Email site.
  6. Encrypted Email Password Reset Message
    Note that the reset link can only be used once, and expires after 30 minutes.
  7. The link will open a browser window prompting to enter a new password for your account. Type in your desired password in both the New password and Confirm password fields, then select Continue.
  8. Encrypted Email New Password form

If you are not able to successfully reset your password please email to CUMC IT support at from the email account that received the secure message.

C. Internet Explorer IssuesIE 9 Internet Options showing TLS

Anyone using Internet Explorer version 9 or earlier will need to make sure they have settings called TLS 1.1 and 1.2 enabled. If not they may see a "cannot display the webpage" error.
  1. With Internet Explorer open, select Tools - Internet Options from its uppermost menu bar.
  2. In the Internet Options window that appears select the Advanced tab.
  3. Check the options to Use TLS 1.1 and Use TLS 1.2 in the Settings list. You may need to scroll down using the bar to the right of the Settings list to find these options.
  4. Click Apply in the lower right to save the settings, then OK to close the Internet Options window.
  5. Close any open Internet Explorer windows before clicking the attachment or link in the secure email notification you received.
If you are not able to access your Internet Explorer options or save your changes, you may need to be logged in to the computer with Administrative rights. Please contact your computer's IT support staff for assistance.

| TOP |

Last updated 3/04/2019