0107.000.00 Administrative Procedures

0107.010.05 Email Policy

IM-65 December 12, 2024; IM-29 April 9, 2015; IM-38 April 25, 2012; IM-16 February 23, 2012

Email is not a secure method of transmitting information. Email containing information of a confidential or sensitive nature must contain the following statement: “This communication is being transmitted by the Department of Social Services (DSS) and is confidential, privileged, and intended only for the use of the recipient named above. If you are not the intended recipient, unauthorized disclosure, copying, distribution or use of the contents is strictly prohibited. If you have received this in error, please notify the sender and destroy the material received.”

Transmitting information of a confidential or sensitive nature (i.e. Federal Tax Information (FTI), Protected Health Information (PHI), Personal Identifying Information (PII) such as SSN or DCN, etc.) via email to entities that do not have a mo.gov email address is only permitted if the email is encrypted. To encrypt an email and with or without attachments, type the following somewhere in the subject line: [encrypt].

When an email is sent using [encrypt] in the subject line, it will require decryption by the recipient of the email. Upon receiving and opening a DSS encrypted email the message instructs the recipient to open the attachment called “SecureMessageAtt.html”. When the recipient opens the attachment, they are prompted to click a button to read the message. The first time a recipient opens an encrypted message sent using the Proofpoint email encryption system, they are prompted to register with the Proofpoint email encryption system. This is a one-time registration process and is required to view the encrypted message. Detailed instructions to send or open, and to register to receive encrypted emails can be found at http://dss.mo.gov/encrypt.htm. DSS staff are encouraged to share this information with email recipients prior to sending an encrypted email.

Persons who are not State employees using a non-State email account will have the capability to send a secure email to FSD staff by following “Instruction #3: How DSS clients, business partners and end-users can send an encrypted email to DSS” found at http://dss.mo.gov/encrypt.htm.

Protected information, including federal tax information, must not be transmitted by email outside of the DSS, either in the body of an email or as an attachment.

Emailing FTI (Federal Tax Information) is prohibited but should it be necessary the following must be followed:

  1. The email recipient is authorized to receive, FTI; and
  2. The email subject line contains “FTI” to ensure the recipient is aware that the email contains FTI; and
  3. The email is sent encrypted; and
  4. The email subject line contains no confidential information, such as name or DCN, because the subject line displays even when the email is encrypted; and
  5. Any email attachment(s) that contain FTI are encrypted.

If protected information must be sent by email, staff may only send via the DSS internal email system.

In the event FTI is incorrectly emailed/disclosed, notify Family Support Division, Income Maintenance Security Officer in Central Office at FSD.IMPRIVACY@DSS.MO.GOV and attempt to recall the email. If unsuccessful, contact ITSD to attempt to disable the email before the recipient tries to read the email.  View 0165.000.05 Incident Response for Unauthorized IRS Disclosures and follow steps to report Unauthorized IRS Disclosures.

NOTE: When leaving a workstation, log off, or lock computers.