GCSx Email Guide for Internal Users

How to send sensitive business and personal information securely

2

Document control

Description GCSx Email Guide for Internal Users

Version V.2

Created May 2013

Status Approved

Authorisation Name Date

Prepared by XXXXXX May 2013

Checked by XXXXXX July 2013

Approved by

Version control

Version no. Date Author Reason for new version

V 1.1 May 2013 XXXXXX Creation of Guidance

V 2.0 July 2013 XXXXXX Amended to include reference to protective marking. Additional minor amendments to make document available as corporate policy instead of solely for Adults & Communities.

Date last reviewed: [ July 2013 ] Date of next review: [ July 2014 ]

3

Contents

GCSx Email Guide for Internal Users ................................... 1

How to send sensitive business and personal information securely ................................................................................. 1

Contents ................................................................................ 3

Introduction ........................................................................... 4

Encrypt and Send ................................................................. 5

Access to GCSx mailbox ...................................................... 6

Setting up a GCSx mailbox ................................................... 7

Adding Shared Mailbox - Outlook 2002 or 2003 ............................. 7

Adding Shared Mailbox - Outlook 2010 .......................................... 7

Using protective marking ...................................................... 8

Sending Emails from GCSx mailbox ..................................... 9

Receiving Emails from GCSx mailbox ................................ 11

Replying and forwarding emails from GCSx mailbox ......... 12

Outlook and GCSx .............................................................. 13

Adding GCSx email address to Outlook signature ........................ 13

Adding the GCSx Inbox to the Favourite Folders panel ................ 13

Help and support ................................................................. 15

Helping External Recipients ......................................................... 15

Appendix 1 – Secure Email Process................................... 16

4

Introduction In order to meet the needs of our residents we sometimes have to share sensitive business or personal information with other public and non-public organisations. Any such sharing is done lawfully in accordance with the Data Protection Act 1998. The council has two secure email methods. The first, the Government Connect Secure Extranet, more commonly known by the acronym GCSx, facilitates the emailing of sensitive personal data with other public bodies such as the police or health partners. A software application called Encrypt and Send is used when there is a valid reason to email sensitive personal information to non public organisations, such as care homes.

Secure email is a method of sending information in emails and attachments which are protected against unauthorised access. It is the responsibility of all Barnet staff to securely send emails and attachments of a sensitive personal nature to other public bodies. Please note that emails sent and received internally via our @barnet.gov.uk email address are automatically via a secure network so using GCSx or Encrypt and Send is not required.

This guidance sets out how to use your GCSx mailbox in Outlook. If you are unsure as to when you should use GCSx, please see ‘Appendix 1 Secure Email Process’ for guidance.

Our GCSx accounts make use of the Public Sector Network (PSN). This is a secure ICT environment for the UK Public Sector. Emails sent via GCSx can only be delivered to recipients with email addresses which are compliant with the PSN. Currently only email addresses ending in the following are PSN compliant:

cjsm.gov.uk

cjsm.net

gcsx.gov.uk

gse.gov.uk

gsi.gov.uk

gsisup.co.uk

nhs.net

pnn.gov.uk

pnn.police.uk

scn.gov.uk

hscic.gov.uk

gsx.gov.uk

Important notes on the above:

@cjsm.net - To send a secure email to the LBB legal team in Harrow just add cjsm.net to the end of the recipient’s email address: firstname.lastname@harrow.gov.uk.cjsm.net @GCSx.gov.uk - Barnet Council GCSx accounts are formed in the following way please

use this format when communicating with public bodies: Firstname.Lastname@Barnet.GCSX.gov.uk @nhs.net - Most health staff, and everyone at BEH MH NHS Trust are entitled to a @nhs.net account; if they don’t currently have one they must contact their IT department to request one is set up.

5

Encrypt and Send To send a secure email to an individual or organisation that does NOT have an email address compliant with the secure Public Service Network (PSN), then ‘Encrypt and Send’ in Outlook is to be used. If you are unsure as to when you should use Encrypt and Send, please see ‘Appendix 1 Secure Email Process’ for guidance. All Barnet staff are responsible for the information that they use and share with others and should use Encrypt and Send when: Sending sensitive business or personal information via email to a individual or

organisation outside of the London Borough of Barnet’s secure email network

and if

You cannot use the GCSx secure email method.

Emails sent using Encrypt and Send are not sent directly to an email address they are stored in a Secure Message Center which protects the sensitive personal information against unauthorised access.

The external recipient of the email receives a notification email that contains a link to the Secure Message Center. They have to log on to the Secure Message Center to view the email and any attachments using a password, they create, as part of the initial registration. Once registered external users can use the Secure Message Center to reply, forward or compose new emails, which can ONLY be sent to a ‘@barnet.gov.uk’ email addresses, not any other. Guidance for staff on how to use Encrypt and Send, and for external partners on how to use the Secure Message Center is available on the intranet. Encrypt and Send Email Guide for Internal Users Secure Message Center Email Guide for External Users

6

Access to GCSx mailbox GCSx is used when composing an email in Outlook, but it is not automatically installed for all Barnet staff. You can check if a GCSx mailbox is installed in your Outlook as follows:

1. Open Outlook

2. If installed the GCSx mailbox will be listed under All Mail Folders as below:

All Barnet staff are required to send sensitive business or personal information securely. If you do not have a GCSx mailbox it is your responsibility to request it via your line manager. Your line manager authorises this request by submitting a GCSx mailbox installation request via the IS Self Service system: http://isselfservice/sw/selfservice/portal.php also acknowledging that you have been supplied with the ‘Barnet Council PSN Acceptable Use Statements’ (link to document below) which outlines your user responsibilities. Barnet Council PSN Acceptable Use Statements

7

Setting up a GCSx mailbox

Once you are advised that your GCSx mailbox has been set up by the IS Service desk it may take up to 24 hours to take effect. You then need to manually add your GCSx mailbox to Outlook to enable its use. The GCSx mailbox is in addition to your usual mailbox with the @barnet.gov.uk email address.

Adding Shared Mailbox - Outlook 2002 or 2003

1. On the Tools menu, click E-Mail Accounts. 2. In the E-Mail Accounts dialog box, click View or change existing e-mail

accounts, and then click Next. 3. Click Microsoft Exchange Server in the service box, and then click

Change. 4. For the Exchange Server Settings, click More Settings. 5. On the Advanced tab, click Add. 6. In the Add Mailbox box, type the name of the mailbox eg:

firstname.surname@Barnet.GCSX.gov.uk

7. Click OK twice

You will need to log off your pc and then back on for the changes to take effect.

Adding Shared Mailbox - Outlook 2010

1. Select the File menu, click on Account Settings and choose Account Settings…

2. Click on the Change button and then the More Settings… button

then

3. On the Advanced tab, click Add. 4. In the Add Mailbox box, type the name of the mailbox 5. Click OK twice

You will need to log off your pc and then back on for the changes to take effect.

8

Using protective marking Protective marking is a way of ensuring that access to information and other assets is correctly managed and that assets are safeguarded to an agreed and proportionate level throughout their lifecycle. It is also a way of indicating to others the levels of protection required to prevent the compromise of the information.

If you are sending an email using your GCSx account you must use the subject line to classify the email using protective marking. This should look like the image below with the protective marking, descriptor (if appropriate) and then subject title.

The Protective Marking for GCSx Emails Policy can be found on the intranet.

You must read the Protective Marking for GCSx Emails Policy before using your GCSx account for the first time.

9

Sending Emails from GCSx mailbox Sending a GCSx email is not automatic, you have to search for and select your GCSx Mailbox address in the From… field for each email being sent, to do this:

1. Open Outlook

2. Select New from the tool bar to compose a new email

3. Select the drop down arrow to the right of the Options on the tool bar (not the Options button)

4. Select From in the drop down list:

5. An additional From… address field will be displayed on the new email.

Select and search for your GCSx email address from the global address list, highlight then select OK.

6. Finish composing the email by completing the following as required:

10

To… (Only use an email address that is PSN compliant as per list on page 3) Cc… (Only use an PSN compliant or internal @barnet.gov.uk email address) Subject: (Title of the Email) including protective marking classification. Attach… (Add attachment/s ) Add the text in the body of the email and select Send

To reduce the risk of a Data Protection Act (DPA) breach there is a block on staff sending GCSx emails to insecure email addresses (i.e. non-GCSx email addresses – yahoo, hotmail, gmail etc.)

Emails sent from your GCSx email address to an email address which is not PSN complaint will ‘bounce back’ with a rejection notice as below.

If you receive this message, it means your email was not delivered. Please check the recipient’s email address for accuracy and compliance.

Important Note: All emails sent from your GCSx email address are copied to your regular Sent Items folder in Outlook, NOT to the Sent Items folder of the GCSx Mailbox. You can identify from Sent Items folder which emails have been sent via GCSx as they are listed under the From list with your GCSx email address.

11

Receiving Emails from GCSx mailbox

When receiving an email to a GCSx mailbox, Outlook does not display an email notification icon or message on screen or in your regular mailbox. It is your responsibility to check your GCSx mailbox on a regular basis, daily if required.

To check your GCSx mailbox select the icon to the left of your GCSx mailbox which will expand your GCSx mailbox folders:

If you have new emails in your GCSx mailbox the Inbox will be in bold text indicating the number of new emails received.

All emails sent to your GCSx mailbox can be viewed, opened and managed in the same way as your emails to you regular inbox (i.e.: they can be moved, deleted, forwarded, replied to etc) if forwarding remember to send the email securely via either GCSx or Encrypt and Send as appropriate.

12

Replying and forwarding emails from GCSx mailbox

You can reply and forward emails received to your to a GCSx mailbox and unlike when sending new emails they are automatically sent from your GCSx email address.

1. Open your GCSx Mailbox and select Inbox

2. Highlight the email you wish to reply to or forward with one mouse click, or open the email with a double mouse click.

3. Select either Reply, Reply to All or Forward - check that only PSN compliant or internal @barnet.gov.uk email address are used, DO NOT reply or forward to any other email addresses.

4. Your GCSx email address is automatically entered in the From… field. Complete the email as required and select Send.

Important Note: All emails sent from your GCSx email address are copied to your regular Sent Items folder in Outlook NOT to the Sent Items folder of the GCSx Mailbox.

You can identify from Sent Items folder which emails have been sent via GCSx as they are listed under the From heading with your GCSx email address.

13

Outlook and GCSx

Adding GCSx email address to Outlook signature

If you have a GCSx email address ensure you add it to your Outlook email signature which appears on the bottom of your emails. This informs external colleagues from Public Bodies that have a secure email address.

The format for all Barnet GCSx email addresses is:

firstname.surname@gcsx.gov.uk

Please see the following Intranet guidance of how to set up the Barnet standard email signature in Outlook: Email Signature Standard - Staff

Adding the GCSx Inbox to the Favourite Folders panel

Adding your GSCx mail inbox to your ‘Favourite Folders’ makes it easier to access and view new emails received.

1. Open your GCSx mailbox and find the Inbox folder:

2. Right-click on the Inbox folder, and select Add to Favourite Folders from the menu list:

14

3. Your Inbox in Mailbox-Surname, Firstname, gcsx folder will now appear in the top left Mail section under Favourite Folders:

4. Your GCSx Inbox will change to bold text if there are unread emails in it and the number of unread emails will be displayed in blue. Click on the GCSx Inbox to read and manage your secure emails:

15

Help and support

To request a GCSx Mailbox or if you need assistance using GCSx Mailbox please contact the Service Desk on:

Email: servicedesk@barnet.gov.uk Tel: 020 8359 3333

Helping External Recipients

External users of secure email may contact you for guidance when they are sending and receiving emails. Please assist them where you can to ensure we communicate securely and effectively with our partner organisation and members of the public. Public Bodies - Public Service Network (PSN) If the external user has secure email via the PSN secure network (see page 4 for

a list of compliant email addresses) ensure the correct GCSx Mailbox email address is communicated for Barnet staff:

Firstname.Lastname@Barnet.GCSX.gov.uk

Non - Public Bodies - Encrypt & Send - Secure Message Center External users that receive secure emails via Encrypt & Send use the Secure Message Center to read and manage emails. If they contact you for assistance please ensure they have received the following guidance and make yourself familiar with it so you can assist them: Secure Message Center - Email Guide for External Users - How to receive and send confidential emails securely

16

Appendix 1 – Secure Email Process

Link to Guidance: Encrypt and Send Email Guide for Internal Users