Email security and encryption
Protecting your personal data
MPS recognises the importance of protecting individuals’ personal data and the responsibility we all have in ensuring the security of the data we hold. Using a secure email solution provides an added layer of protection to minimise the risk of interception and the misuse of confidential and sensitive information. MPS currently sends external emails using industry standard encryption technology already widely adopted by many organisations and webmail providers.
In April 2015 we introduced further protection measures for the email correspondence we have with our members, representatives and other organisations.
For those of you who are directed to collect your message and any attached documents from MPS through via a secure messaging portal, details of how to do this are shown below.
How do I know an email is really from Medical Protection or MPS?
19 May 2017
We use a number of email addresses to contact members for a variety of purposes –answering individual queries and requests, sending membership updates, or sharing the latest news and advice.
As a member-owned organisation, focused on meeting members’ needs, it’s essential we gain your views and feedback through targeted surveys or questionnaires. Occasionally, we use trusted, third-party partners to carry out these surveys on our behalf. You may receive an email from a Medical Protection address that contains a link to the website of our survey partners, not our own.
We only share the information we believe is appropriate to enable these partners to carry out their responsibilities under our contracts. We do not sell your personally identifiable information to third parties.
We work with the following trusted, third-party partners to conduct our surveys and member questionnaires, and as such, you may be redirected to their websites:
- Compass Research
- Gusto Research
- Mustard Research
- Optimisa Research
- RDSi Research
- TIPI Research
- Trinity McQueen
How do I retrieve messages from a portal?
How will I know that there’s a message for me on the portal?
30 March 2015
You will receive a notification message in your email inbox to advise that MPS has sent you a message, including a link to the portal to retrieve the message. The message will be MPS branded.
To find out more about retrieving messages in this way, you can download our guide
How do I know if I have TLS already enabled?
30 March 2015
The majority of individuals and organisations already use TLS.
You can check whether your email can already receive TLS encrypted email through free, online tests by going to the website - http://checktls.com/. Simply enter your email address and click ‘Try It’.
You will only need to check one sample email address per domain name (e.g. firstname.lastname@example.org) but you will need to check a sample email for all the domain names you use to communicate with MPS (e.g. email@example.com, firstname.lastname@example.org, email@example.com).
If tests indicate that you can receive TLS encrypted email, you will continue to receive MPS emails directly to your inbox.
How will this affect me?
30 March 2015
Many organisations and webmail providers already use TLS encryption.
However, if your existing email server/provider is not currently TLS enabled, you may be re-directed to a secure messaging portal to retrieve messages and any attached documents from MPS.
What encryption software does MPS use?
30 March 2015
MPS uses two forms of email encryption: Transport Layer Security (TLS) and a secure messaging portal.
What is TLS?
Transport Layer Security (TLS) guarantees encrypted delivery of emails between two email servers (gateway to gateway). In order to work, TLS needs to be enabled on the mail servers of both the sender and the receiver of the email. All information exchanged between the servers is then encrypted.
If TLS is enabled on your email server, emails will be encrypted to the server and delivered directly to your email inbox.
Secure messaging portal
The OneWorld email encryption portal is a secure delivery solution for email messages that can be accessed securely over the internet using a standard web browser. MPS have chosen this service because it offers easy access to emails without any compromise to the security of the message or attachments.
If your email server/provider is not currently TLS enabled, you may be re-directed to a secure messaging portal to retrieve messages and any attached documents from MPS.
Can I avoid retrieving MPS messages from a portal?
30 March 2015
If you do not wish to use the secure messaging portal, you will need to use a TLS enabled email account. You could do this by creating an account with a TLS enabled webmail provider.
Alternatively you could install a TLS certificate onto your email server. Your TLS certificate must be issued by a registered SSL Certificate provider and cannot be a self-generated certificate in order to comply with MPS security. This is most likely only to be a viable option for organisations rather than individuals.
I’ve stopped receiving email from MPS, what’s wrong?
24 April 2015
Your email provider may be incorrectly identifying incoming MPS correspondence as spam email. Please check your Trash or Junk folders as well as your inbox.
If MPS email is being directed to a spam folder, please refer to your email provider for assistance.
Tips to help you keep your emails safe
- Choose a secure password (use a combination of upper and lower case letters, numbers and special characters such as @, % and !)
- Use a passcode on all mobile devices e.g. laptops, mobile phones and tablets
- Change your password regularly and keep it in a safe place
- Don’t share your password with anyone
- Remember to log out or sign off from your account when you’ve finished looking at/sending your email
- Don’t open attachments from anyone you don’t know
- Don’t reply to spam or forward chain emails
- Install antivirus software and keep it up to date.