Home Blog
12 MAY 2020

How to Secure Client Data in Email for GDPR

How to Secure Client Data in Email for GDPR

If you receive personal data from clients, patients, or customers in the EU, then the General Data Protection Regulation (GDPR) requires you to keep that data secure and private.

Including when you communicate such data, with your clients or other service providers.

Email is not secure

Your bank never emails your statement, right?

Email data can be leaked in many ways.

  • Account Hacking: The accounting firm of Chiorini, Hunt and Jacobs recently had their email hacked, leaking customer data including tax returns, W-2s, 1099s, health plan 1095-As, and direct deposit bank account information.
  • Re-routing: An employee email account personal finance planning service Aperio had its emails rerouted to an attacker account. The re-routing happened simply due to a rogue click on a phishing link.
  • Snooping: Email data can be easily copied as it travels without encryption over the network. Research investigations of over 700,000 email servers have found that most servers have loopholes that attackers can exploit to bypass encryption.

With an Encyro account, you can send electronic documents or messages securely to any email address. And receive from anyone without asking them to sign up for any account.

Messages and files are sent encrypted, all the way to your recipients. They are stored encrypted on Encyro servers and also backed up encrypted at data centers hundreds of miles apart.

Encyro makes it easy.

You do not have to create any client accounts, set up folders, or configure permissions. Clients or patients need not create any accounts either.

There is no software to install, no encryption keys to backup, and no security settings to configure.

Its easy to use directly from a mobile device. In fact, you can even take a picture of a paper document and send securely from your smart-phone instead of spending time scanning, saving and transferring files.


GDPR Article 32 requires implementing technical measures to ensure data security, to:

  • ensure the ongoing confidentiality, integrity, availability and resilience of data processing systems and services
  • restore the availability and access to personal data in a timely manner in the event of a physical or technical incident

Confidentiality, Integrity

Encyro provides you technical safeguards to keep data secure when communicated with others. Encryption keeps data confidential and protects its integrity by preventing unauthorized modifications.

Availability, Resilience

Encyro also helps make your data more resilient. All data sent or received through Encyro, is backed up encrypted three times within a data center. Additionally, it is also backed up at another data center hundreds of miles apart, again with three encrypted copies at the distant data center. This makes sure the data will remain available in the event of physical or technical incidents ranging from local equipment failures to severe weather or other events affecting an entire region.


Encyro is happy to sign a Data Processing Agreements (DPA) with you, where required to meet your compliance requirements.

Try Today

Take advantage of this protection with a free trial for your clinic, law firm, accounting practice, property management, financial service, or any business where you need to share or communicate customer data. No credit card or payment is needed to start your trial.

There is no commitment to purchase or continue. You can cancel or switch anytime and move your data out when needed.