Advice on BCC in Emails - Avoid Data Breach

Useful guidance below to avoid data breach by mistakes using BCC in emails. One of the most common data breaches is user error! Should you suffer a data breach each out to use. We provide a lot of Data Protection & GDPR support:

"Failure to use BCC correctly in emails is one of the top data breaches reported to us every year – and these breaches can cause real harm, especially where sensitive personal information is involved.

When you use the ‘BCC’ field to send an email, the recipients can’t see each other’s email addresses. You can use this if the personal information you’re sharing isn’t sensitive and there’s little risk. But if your email may reveal sensitive information about the recipients, you should assess whether using other secure methods would be more appropriate. 

You could: 

·        set rules within your email system to provide alerts and warn email senders when they use the Carbon Copy (CC) field; 

·        set a delay, allowing time for errors to be corrected before the email is sent; 

·        turn off the auto-complete email function to prevent the system suggesting email addresses in the recipient’s box; and 

·        use the NCSC email security check tool.

Under data protection law, organisations must have appropriate technical and organisational measures in place to ensure personal information is kept safe and not inappropriately disclosed to others.

Organisations that use and share large amounts of data, including sensitive personal information, should consider using other secure means to send communications, such as bulk email services, so information is not shared with people by mistake.

Organisations should also consider having appropriate policies in place and training for staff in relation to email communications.

For non-sensitive communications, organisations that choose to use BCC should do so carefully to ensure personal email addresses are not shared inappropriately with other customers, clients, or other organisations."

From the ICO

"We at Spires Legal wholeheartedly recommend Ingemar and his team at Hunnings Consultancy Ltd. Ingemar has supported us throughout our journey from new start up to established firm. It is refreshing to have a consultant that takes the time to understand your business and its priorities, stands by your side as it develops and is flexible in approach as your needs change.
The feedback we have from our team, and which we regularly hear from others is that Ingemar is an insightful and knowledgeable trainer who is comprehensive yet engaging in his approach. Still unsure? Five minutes on the phone with Ingemar and you will be sold on how much value he can add to your business!"

Arj Arul - Director at Spires Legal

Click here to see more testimonials

Business Support for Law Firms

We will get back to you within 24 hours. For more information and to discuss how our service can work for you;
Call: 07887 524 507 
Fill out our contact form
Send us an email:
[email protected] 
We look forward to speaking to you...

How Can We Help You?

Contact Form Demo (#1)


Quality services, in a timely & efficient manner for a reasonable fee. Assisting clients since 2014 as their Trusted Advisers on matters relating to the running of their Business.