E-mail security

Revision as of 04:57, 11 February 2021 by Anthony (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

ReportAssist has an E-mail facility, it's called 'E-mail documents' and can be reached from the Admin menu. Only the administrator can perform this function. We have done extensive testing, but because of the number of different third party e-mail systems out there we don't know how they will handle such large amounts of e-mails being sent out quickly.

Sending e-mails using ReportAssist is done entirely at your own risk.

Possible (unlikely) issues:

  • The e-mail server you use will get a large number of e-mails quickly, it's possible that it mistakenly decide (automatically) that the school is trying to send 'spam' emails. If this happens they could block or divert the e-mails.
  • The e-mail server the school uses could have bugs and unexpected things could happen if the server gets a huge amount of e-mails in such a short time.


With regard to GDPR, the ReportAssist servers don't send out the e-mails. In the program, the administrator can enter the e-mail server details the school normally uses, the program then uses them to directly connect with the server as your traditional email program would. In the settings, the administrator also can set if the connection to the e-mail server is via an encrypted method or not. The password that the admin enters to communicate with the school's e-mail server is not stored in the ReportAssist settings or online.

A school should contact its e-mail provider to make sure they are compliant with GDPR. The school should also make sure that its pupil's parents are ok with them storing their contact information (e-mail address), most schools already have this agreement with parents.

Important: Actual e-mail data is not usually end-to-end encrypted...

Traditionally e-mail data is commonly transmitted across the internet completely unencrypted (!!) from server to server until it gets to its destination - even if your initial connection is secure. It's like handing an opened letter to a person (securely) and them passing it along (insecurely) until it gets to the destination - anyone in between has access to it and can look at it. This is because e-mail is one of the oldest protocols on the Internet and it's never really been updated with regard to data security - everyone literally trusted everyone. Most e-mail systems don't offer 'end to end' encryption - see: https://gdpr.eu/email-encryption/

Sometimes the old way is the best way!

In short e-mail 'technology' is pretty old and from a time when privacy wasn't a great concern. If you have any doubts it's best to stick to traditional printing.