Forwarding emails from your gov.uk mailbox to another mailbox
Overview
Whilst it is technically possible to automatically forward incoming emails to another mailbox from your gov.uk email address, the Government Digital Service (GDS) strongly advise against this due to several key security and privacy risks.
This applies to forwarding to personal email addresses or other work addresses, whether gov.uk or not.
These include;
- Data Security: Government emails often contain sensitive or confidential information. Personal email services may lack the stringent security protocols required by government standards, increasing the risk of data breaches.
- Data Protection Legislation: Forwarding emails may violate data protection laws like the GDPR, as personal email services may not meet the compliance standards needed for handling sensitive government data.
- Risk of Phishing and Malware: Personal accounts are generally more vulnerable to phishing attacks. If a personal account is compromised, it could lead to unauthorised access to government information, which can be especially risky if those emails contain confidential attachments or links.
- Audit and Compliance Issues: Government communications often need to be auditable and stored securely. Forwarding emails to a personal account creates records that are outside the government’s secure system, hindering compliance with data retention policies and auditing requirements.
- Loss of Control over Data: When emails are moved to a personal account, the government loses control over how and where the data is stored, potentially resulting in accidental or intentional information sharing.
- Potential Legal Liability: Mishandling government data can have legal repercussions. Forwarding emails to a personal mailbox could lead to disciplinary action or legal consequences if data breaches or privacy violations occur.
- Risk of Information Leaks: Personal email accounts can be more easily accessed by non-government individuals, leading to potential leaks of sensitive or classified information.
Ensuring all communications stay within secure, government-approved channels minimises these risks and safeguards sensitive information.
Security Levels
If forwarding emails, the receiving email system must have either equivalent or higher security standards than the system you're sending from.
Parish Online emails have the following:
- TLS Encryption
- DMARC Policy
- SPF
- Two-factor Authentication
Forwarding to another work address
If forwarding to another work email address, whether this is a commercial, charity, NHS or Government organisation, you should seek explicit permission from that organisation's Data Controller before setting it up. They will advice whether it is permitted.
Freedom of Information Request Issues
If a councillor still chooses to automatically or systematically forward their gov.uk emails to another mail account, in the event of an FOI or Subject Access Request, the councillor may need to surrender their personal email account. This can be difficult and challenging administratively, causing large time and financial costs to the council and the individual.
Related Articles
Email Forwarding
Overview If you're away you may want to forward your emails rather than delegate access to it. This means that someone else can receive your emails but not access the rest of your email account or send emails on your behalf. It is strongly ...Transfer a co.uk, org.uk or uk domain over to Parish Online
Overview If you've switched to Parish Online as your Website and/or Email provider, you may well have an old domain that your previous website used. To avoid people continuing to visit that website you can get Parish Online to take over the ...Creating a Shared Mailbox
Overview Shared Mailboxes are basic email accounts that multiple users can see. Shared Mailboxes are mostly used for role-based functions such as having an allotments@yourparishcouncil.gov.uk address for the 3 people that manage allotments, for ...Converting a shared mailbox to a normal mailbox
Overview It's not possible to convert a shared mailbox to a normal mailbox. However, you can close down the shared mailbox and create a new mailbox using the same email prefix. Limitations Going from a shared mailbox to a normal mailbox doesn't give ...Suggested Code of Conduct for using gov.uk email addresses within local councils
Overview This provides a suggested document that your council could adopt to guide staff and councillors on the use of your gov.uk email address. Please note that this suggested Code of Conduct is provided without warranty. Please contact SLCC, NALC ...