Staff Requirements for Sensitive Information and Email Encryption

Ted works in the billing department of a large university’s medical clinic. He replies to an email request for billing information from their associated hospital partner.

Ted knows this message contains sensitive information for a recipient outside the university’s network. Therefore, he tags the email as Confidential to encrypt it before sending. Ted also includes a set of instructions to the recipient explaining how to decrypt and read the sensitive message and re-encrypt any replies.

With over 10,000 faculty and staff email users on ECU’s Exchange email system, one of the biggest concerns on campus is the accidental breach of sensitive information such as FERPA, HIPAA or PCI through email. This can happen when an email containing sensitive information is sent unencrypted to a recipient outside the ECU network. The message could be stolen while en route or inadvertently sent to the wrong recipient.


All faculty and staff now have the ability to send encrypted email and are required to do so when a message contains sensitive information to an outside address. Fortunately, this is a simple matter of either tagging the message as CONFIDENTIAL or typing [sendsecure] in the subject line.

What is Encryption?

Encryption uses a mathematical algorithm to scramble electronic text in an email or document so that it can only be read by the recipient who has the key to unscramble (decrypt) the information back to a readable form.

It is the easiest and most practical method of protecting data stored or transmitted electronically and is particularly essential with sensitive data. Even a single failure to encrypt sensitive data, whether through email or via a stolen flash drive or laptop, can result in a security breach with criminal or civil liabilities and irreparable harm to finances and the reputation of the university.

When is Encryption Required?

If an email containing sensitive information is addressed to a recipient outside the ECU network, it must be encrypted by tagging it as CONFIDENTIAL or typing [sendsecure] in the subject line. To decrypt and read the email, the recipient registers once with Cisco.

Note that all messages in a conversation – replies and forwards – must be encrypted before sending.

To see step-by-step instructions for both encrypting and decrypting an email:

What is Considered Sensitive Information?

Examples of sensitive information include:

  • Social Security number (SSN)
  • credit & debit card number
  • driver’s license number
  • personally identifiable patient information
  • personally identifiable student information
  • personnel information
  • proprietary research data
  • legal data

Learn More about Sensitive Information at ECU

To learn more about sensitive information at ECU, visit the following websites:

Guidelines for Protecting Sensitive Data –

Compliance and Regulations –

Email Encryption –

HIPAA Policies –

FERPA Policies –

Payment Card Industry (PCI) Information –

Social Security Number Regulations –

SAS software and training, Student/alumni e-mail, changes to Buccaneer, and more…

SAS is now offering SAS University Edition and two training classes for free! 
SAS University Edition now available!
SAS now offers to students, professors and researchers the SAS University Edition.  It’s easy to use, easy to access and best of all it’s FREE.  This is a limited, yet powerful version of SAS offering access to the following components: 
  • Base SAS
  • SAS Studio
If you need access to additional SAS components beyond what the SAS University Edition offers, the SAS Education Analytical Suite is still available, which includes access to the full suite of SAS components, but for a light, simple, scaled-down version, the SAS University Edition may be an option for you.
How to obtain SAS
SAS Education Analytical Suite (Full version)
SAS University Edition (Limited version)
FREE e-Learning Courses
Did you know that SAS offers two free e-Learning courses to help get you started?  SAS Programming I willSAS Academic Training Pointshelp you write SAS programs and Statistics I will help you perform statistical analysis using SAS/STAT.  All you need to do is create a SAS account profile and you’ll be on your way to access your training.
Additional SAS courses are available to ECU faculty, staff, and students through the Academic Training Points program. Contact Jennifer Raby ( for registration information.

For more information about SAS including supported versions, training & support and other helpful resources, please visit SAS software.


 Great news for ECU Pirates- ECU student e-mail accounts will automatically become ECU alumni e-mail accounts upon graduation! This means:

  • The e-mail address will

  • Students will keep all of the e-mails that are in their student e-mail account at the time it’s switched over to an alumni e-mail account.

  • Students will receive all future e-mail sent to e-mail address, even after graduation, because it will be automatically delivered to their address (however, after graduation, students will no longer be able to SEND from e-mail address).

  • Students will be able to log into their e-mail account with the PirateID and Passphrase they have at the time their student e-mail account is switched over.

  • Students’ new ECU alumni e-mail account will have their online mailbox and OneDrive file storage; the Office suite of software (Microsoft Word, Excel, PowerPoint, etc.) they have as a current student is not available as part of ECU alumni e-mail.

  • The only change students will need to make as part of this process is to the e-mail address on any of their mobile devices that access their current ECU student e-mail account. STUDENTS WILL RECEIVE A NOTIFICATION FROM ECU WHEN THEY NEED TO MAKE THIS CHANGE.
Friendly reminder: Changes to ECU’s Buccaneer wireless network

On Sunday, January 4, 2015 (revised date), ITCS will be requiring users to have the Cisco NAC Agent installed on Windows computers prior to accessing network resources through the ECU BUCCANEER wireless network.

This change is being implemented as a means to safeguard the ECU network, systems, and data against computer viruses and vulnerabilities. This software determines whether or not your system is up to date with critical updates to the operating system and if you have an acceptable antivirus application loaded with current virus definitions.

  • ECU-owned Windows mobile computers will receive the Cisco NAC Agent automatically through ITCS Desktop Technologies Support. An announcement regarding the installation of the NAC Agent will be forthcoming.
  • For personal Windows computers, the Cisco NAC Agent software is available via the ECU Download Center
  • Windows users are encouraged to download and install the Cisco NAC Agent prior to Sunday, January 4

The software is not available for iPads, Windows Tablets, Google Chrome Books and Smartphones. These types of devices will be allowed access to the network without the software

Will this change the way I connect to the Buccaneer wireless network?

Upon connecting to the ECU BUCCANEER wireless network, the Windows user will be prompted to install the Cisco NAC Agent prior to accessing network resources through the ECU BUCCANEER wireless network if the agent is not already installed.WiFiLoRes

Once installed, the software will determine if you need to install critical updates to your operating system or current virus definitions to your Antivirus application. We encourage you to follow any recommendations to update your device(s); however, if you choose not to install updates at this time, you will still be able to connect to the Buccaneer network.

As of March 2015, you will be required to follow the Cisco NAC Agent recommendations and install critical updates to your operating system or current virus definitions to your antivirus application.