Please note: The algorithm descriptions in English have been automatically translated. Errors may have been introduced in this process. For the original descriptions, go to the Dutch version of the Algorithm Register.
Secure mail using business rules, DLP algorithm
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use
General information
Theme
Begin date
Contact information
Link to publication website
Responsible use
Goal and impact
This algorithm is designed to support users in sending sensitive information securely and efficiently. This is encrypted with high-quality modern encryption combined with additional security options such as multi-factor authentication or password. The algorithm only affects the process of sending the relevant e-mail and attachment(s) in which the algorithm detects several types of sensitive information as configured in the management portal.
Considerations
By applying the algorithm, it provides an additional layer of protection during the transmission process. This not only significantly reduces the risk of data leakage, but also helps maintain confidentiality and integrity of the transmitted data. The human error factor is reduced by using the algorithm.
Human intervention
The relevant administrator of the organisation with appropriate access in the FileCap management portal can specify which PII should be intervened on by the algorithm. This includes PII such as BSN, IBAN, Credit Card information, confidentiality settings in Outlook, multiple recipients or keywords and domains where messages must be sent encrypted and secure at all times. The end user may have the option to disable the entire plug-in depending on the stakeholder organisation's set policy.
Risk management
The risk is making typos, in case of a typo, the algorithm does not recognise it as a form of PII. This is an accepted risk. A BSN or IBAN is incomplete in case of a typo and of little value in case of interception. For files, the first 1024 KB is read by the algorithm for ease of use, so for large files, PII may not be picked up by the algorithm. Here, it is important to make users aware of the risks at all times; after all, the algorithm remains a tool in the fight against data leaks.
Elaboration on impact assessments
IAMA does not apply because the algorithm does not affect the legal basis applicable at the IAMA and to users.
Operations
Data
The data used by the algorithm is based on regular expressions (Regex) to identify the categories of PII. During the development of the algorithm, the patterns in relevant PII were considered. Based on these patterns with the additional different characteristics per category, the regular expressions were defined.
Technical design
When an e-mail is created and the algorithm is active, the algorithm can see if the message or attachments contain sensitive information as defined by the administrator. The algorithm will warn the user not to send the e-mail and attachments encrypted and unsecured. In doing so, the algorithm focuses on the following input fields: sender, recipient(s), subject, e-mail message and attachments. This data forms the input for the algorithm's operation.
External provider
Similar algorithm descriptions
- This algorithm supports users in sending secure, encrypted e-mails based on automatically detected, predefined information. The algorithm helps prevent data breaches.Last change on 31st of March 2025, at 14:04 (CET) | Publication Standard 1.0
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use
- This algorithm helps e-mail users determine when an e-mail contains sensitive information and should be sent securely.Last change on 17th of January 2025, at 16:19 (CET) | Publication Standard 1.0
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use
- This algorithm helps e-mail users determine when an e-mail contains sensitive information and should be sent securely. Application is integrated into Outlook's mail environment.Last change on 8th of July 2024, at 12:36 (CET) | Publication Standard 1.0
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use
- This algorithm helps e-mail users determine when an e-mail contains sensitive information and should be sent securely.Last change on 16th of December 2024, at 8:17 (CET) | Publication Standard 1.0
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use
- This algorithm helps e-mail users determine when an e-mail contains sensitive information and should be sent securely.Last change on 28th of November 2024, at 15:04 (CET) | Publication Standard 1.0
- Publication category
- Other algorithms
- Impact assessment
- Field not filled in.
- Status
- In use