Northamptonshire County Council (NCC) takes information security seriously. Client data and confidentiality is at the heart of everything we do, and with the ever-growing number of media reports about the increase in online fraud and data loss in the UK, we have reviewed our own approach to information security.
We have decided to introduce some easy-to-use data encryption measures that will ensure the security of the electronic data we share. This will help us both comply with legal and professional regulations, and puts Northamptonshire County Council firmly at the forefront of best practice.
We have chosen a solution called Egress Switch because:
- It’s free for you to use – you can receive and reply to all encrypted emails absolutely free of charge
- It’s easy to use
- You don’t need to download any software – using Web Access you can access encrypted emails without the need to download any software, although desktop and mobile apps are available free of charge
The relationship that we have with you is extremely important to us, and whilst the risk of data loss is small, it is something that we take very seriously.
You will not be required to install any software onto your PC in order for you to decrypt the message or information, but you will need to set up a free Switch account. Should you want to, however, you can download a full copy of the software at no cost, allowing you to send unlimited encrypted emails to us free of charge. If your organisation already has an installation of Egress Switch, emails sent from NCC can be decrypted and delivered to your inbox automatically.
We would like to ask you to support NCC in protecting client data and to accommodate Egress in your processes where possible.
What do I need to do when I receive a secure email?
In order to open an email sent from us using Egress Switch you must first setup a free Egress Switch account.
Instructions on how to setup an account are on the Egress Switch Help and Support pages.
Please also see the links on this page, or follow the links in any secure email you receive from us.
I'm having problems opening a secure email, where can I get help?
Egress offer support for the secure email system through their website:
Can you send me an unencrypted email so I don’t have to use Egress?
No. The Data Protection Act requires that the county council, as an organisation, takes adequate steps to protect information containing detail that is personal or sensitive in nature. To support this obligation Egress Switch has been procured by the council to deliver a secure communications package which will facilitate secure email between the council and its customers and partners.
We would not meet our data protection obligations if we were to send personal and/or sensitive data through unencrypted channels.
My organisation uses an alternative to Egress, can NCC use this system to communicate with me instead of Egress?
No. This is due to the difference between data controller and data processor which is central to understanding the Data Protection Act (DPA) – particularly in terms of working out where data protection responsibility lies. The DPA differentiates between data controllers and data processors.
It is essential for organisations involved in the processing of personal data to be able to determine whether they are acting as a data controller or as a data processor in respect of the processing. This is particularly important in situations such as a data breach where it will be necessary to determine which organisation has data protection responsibility.
The data controller must exercise overall control over the purpose for which, and the manner in which, personal data are processed. Where NCC is acting as the data controller, it is essential that a system is used which is under the control of the county council. NCC's system of choice in this situation is Egress Switch.