How to Send an Encrypted Email

Email runs most of your workday. You use it for appointment details, invoices, HR notes, lab reports, and more. Some of those messages should stay private for the sender and the recipient only.

Sending an encrypted email gives that extra layer of privacy. The message content is converted into protected data that only approved recipients can read. Mail servers still move the message, yet they cannot read the private parts.

If you want a broad overview before the steps, you can read the MailHippo guide on encrypted email. This article then shows how to send those messages in practice.

What does sending an encrypted email mean?

Sending an encrypted email means you send a message where the body and often the attachments travel in coded form. The text no longer sits in plain view on every mail server in the path. Only the sender and approved recipients can turn it back into readable text.

Your email program or secure portal does the hard work for you. It uses encryption tools behind the scenes when you click send. The other person sees a normal-looking message once they pass a simple access step.

For a deeper look at what happens to the content itself, you can read what an encrypted email is. That guide focuses on the message, while this one focuses on how you send it.

Before you send

Pick the email tool you will use

Start by choosing the main email tool for secure sending. Many teams use Outlook with Microsoft 365, Gmail with Google Workspace, or a hosted provider. Some use a dedicated secure email portal in addition to normal mail.

Knowing the main tool matters, since each one handles encryption differently. Some have a simple encrypt button. Others rely on add-ons or a web portal. A few offer no real content protection at all.

Write down which tools you and your staff use most during a normal week. That short list helps determine which parts of this article best fit your situation.

Check what the recipient can open

Next, consider the people who will receive your encrypted email. Staff inside your own company often use the same platform that you do. Patients, clients, and partner firms may use many different systems.

Some methods work only when both sides use the same setup, for example S‑MIME inside a health network. Other methods send a short notice email with a link to a secure web page. Those work well even when the other person uses free webmail.

Picture your most common recipient types. If many users are external and use mixed tools, a simple, secure portal will usually provide the smoothest path.

Decide if files need their own protection

Email often carries both text and files. The text might explain the case. The files might hold reports, X‑rays, or contracts. In many breaches, those files cause the biggest harm.

Decide whether you only need to encrypt the message body or whether attachments also need extra locks. Many secure email tools protect files as well as the text. File-level encryption then adds another layer of protection.

If you know that attachments matter in your work, plan for both layers. The MailHippo guide on how to encrypt an email explains those layers in more detail.

Ways to send an encrypted email

Built-in email encryption

Many business email platforms now include some content protection. In Outlook or Gmail, you can often click a lock icon or choose a protect option. The service then encrypts the body and attachments for you.

From the sender’s side, this feels close to normal email use. You stay in your regular inbox and send window. You choose the secure option for messages that carry private information.

From the recipient side, they may open the message in their inbox as usual. They may also see a link that opens a protected view in the browser. The exact view depends on the platform.

Secure web portal delivery

Secure portals keep the full message in a protected web page. The email in the inbox is only a short notice. It contains a link that points to the secure page, not the real content.

On your end, you can write your email in the portal or through an add-in. You click send, and the portal emails a simple notice to the recipient. The private text and files stay inside the portal.

From the recipient side, they click the link and sign in. They might use a password or a one-time passcode. After that short step, they read and reply inside the secure page.

PGP

PGP email encryption uses public and private keys for each person. The sender uses the recipient’s public key to encrypt the message. The recipient uses their private key to read it.

Pure PGP setups often need extra software or plugins. They suit power users and technical staff. Many clinics and offices find them too heavy for day-to-day work.

Some secure email services hide PGP behind a simple button. They manage users’ keys and keep the PGP components out of sight.

S‑MIME

S‑MIME uses digital certificates that link keys to people or roles. Outlook and Apple Mail both support S‑MIME. Many companies and health networks use it.

Your IT team or provider installs certificates on staff devices. Once that part is ready, staff can tick a box or click a small icon to send S‑MIME-encrypted messages.

This method works best within a single domain or across partner firms that both use S-MIME. It feels smooth for the staff once the first setup is complete.

Password-protected files sent by email

You can protect content by locking the file rather than the email. You send a password-protected PDF, Word file, or ZIP, and keep the email body simple.

The recipient opens the email, saves the file, and enters the password in the viewer. This gives at least some privacy for the file contents, even when the email platform has no strong encryption.

The method works best as a backup. For important files, many teams pair them with an encrypted email or a secure portal so both the body and the file are protected.

Step-by-step process

Write the message

Start with the same steps you use for any email. Open a new message window in your chosen tool. Enter the recipient address and a short, neutral subject.

Write the body of the message in plain language. Specify what you are attaching and what action you need the reader to take. Keep names and private facts in the body, not the subject line.

Treat this as the only place where you add sensitive details. Encryption will focus here and on attachments, not on the email’s outer shell.

Add files

Attach any files that support the message. That might be reports, scans, photos, forms, or invoices. Attach all required files before you move on to the encryption step.

If the files pose a high risk, such as full medical charts or payroll lists, consider file-level encryption as well. That can mean password-protected PDFs or protected ZIP files.

For more depth on this topic, the MailHippo guide on sending encrypted files by email provides clear examples.

Turn on encryption

Look for the encrypt or protect option in your mail tool. This may appear as a padlock icon, a menu entry, or a toggle that says something like “encrypt this message”.

Click that option before you press send. If your platform offers several levels, pick the one that encrypts the content and, if needed, limits forwarding.

In a secure portal, you may not see a lock button. The portal may encrypt everything by default. In that case, check that you created the message inside the portal, not in normal mail.

Review recipient details

Check the To, Cc, and Bcc lines with care. Make sure each address corresponds to a real person who should receive the message. One wrong letter can send a report to a stranger.

Keep group lists small for private topics. When many people join a thread, the chance of a leak grows. Use fresh threads for new cases rather than reusing old chains.

A slow breath and a quick read of those lines often prevent painful mistakes.

Send a test message

Before you roll out a new method for real cases, send a test message to a colleague or to a second account you control. Use a subject such as “test secure email” and add a dummy file.

Ask the other person to open the message on both the computer and the phone. Have them tell you which steps they saw and how long it took.

Use that feedback to tweak settings or training. A five-minute test at the start can save many support calls later.

How recipients open the message

Direct inbox access

In some systems, encrypted email opens inside the normal inbox. The recipient clicks the message and sees the body, plus a bar that says it is encrypted or protected.

The mail app uses stored keys or certificates to decrypt the content on the fly. The reader does not need extra steps once they have logged in to their email account.

This view is common inside the same company, where IT manages keys on staff devices.

One-time passcode access

Other systems send a short notice email that includes a button or link. When the recipient clicks that button, a secure page appears. The system then sends a one-time code by text or to another inbox.

The reader enters that code on the web page. The code proves who they are and then expires. The secure page then shows the full message and any files.

This approach suits patients and clients who use many different email services. They only need a browser and access to their phone or alternate inbox.
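
The passcode step described above, sketched from the portal's side. This is an added example, not code from any product named on this page; the class name, the 10-minute lifetime, and the five-attempt cap are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 600  # assumed lifetime; the article only says the code expires
MAX_ATTEMPTS = 5        # assumed cap on wrong guesses per issued code


class PasscodeGate:
    """Hypothetical portal-side store: one pending code per message link."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # message_id -> [code_hash, expires_at, attempts_left]

    @staticmethod
    def _digest(code):
        # Only a hash is kept, so the plain code is not held in the store.
        return hashlib.sha256(code.encode()).digest()

    def issue(self, message_id):
        """Create a 6-digit code to deliver by text or to the alternate inbox."""
        code = f"{secrets.randbelow(10**6):06d}"
        expires_at = self._clock() + CODE_TTL_SECONDS
        self._pending[message_id] = [self._digest(code), expires_at, MAX_ATTEMPTS]
        return code

    def verify(self, message_id, submitted):
        """True once for the right code; the code is burned on success, expiry or lockout."""
        entry = self._pending.get(message_id)
        if entry is None:
            return False
        code_hash, expires_at, attempts_left = entry
        if self._clock() > expires_at:
            del self._pending[message_id]  # expired
            return False
        # Constant-time comparison avoids leaking how much of the code matched.
        if hmac.compare_digest(code_hash, self._digest(submitted)):
            del self._pending[message_id]  # single use
            return True
        entry[2] = attempts_left - 1
        if entry[2] <= 0:
            del self._pending[message_id]  # a 6-digit space is small; stop guessing
        return False
```
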

Certificate or key access

With PGP or S‑MIME, the recipient needs keys or a certificate in their mail app. When they open an encrypted email, the app prompts for a passphrase or PIN if needed.

After that short step, the app uses the key to decrypt the message and show it in a normal view. The person does not have to think about the key again during that session.

This method provides strong content protection, yet it requires more setup work from IT or the user.

How to send encrypted attachments

Encrypted attachments travel in two main ways. In many email systems, attachments ride along with the encrypted body and gain the same protection. In that case, you only need to turn on encryption for the message.

For extra care, you can encrypt the file itself before attaching it. That can mean a password-protected PDF, a protected Office file, or a locked ZIP. The recipient then needs the file password and, in some cases, the email protection as well.

For a detailed walkthrough of that process, see the MailHippo guide on encrypting email attachments. That article shows how to handle PDFs, Office files, and ZIPs.

What to do if the recipient cannot open the message

Sometimes the recipient hits a hurdle. Perhaps their mail app does not support your method. Perhaps a spam filter stripped the portal link. Perhaps they lost the passcode.

Stay calm and gather a few facts. Ask what they see on screen and whether any errors appear. A screenshot can help if they know how to send one.

For urgent content, move to a secure portal or a safe phone call while you sort out the email issue. Long term, adjust your method so that your most common recipients get the simplest path.

Common mistakes

Sending the password in the same email

Many people lock a file with a password, then type the password in the same email. Anyone who sees that email gains both pieces at once.

Send the password through a different channel, such as a text or a quick call. Keep the wording short and clear so the person knows which file the password belongs to.

Treat passwords as secrets, not as just another line in body text.

Leaving the subject line too detailed

Subject lines often stay in plain text, even when the body is encrypted. Some people still write full names, diagnoses, or ID numbers there.

Switch to simple, neutral subjects for private topics, for example “Your recent visit” or “Your report” instead of “Full cardiology report for Mark Jones”.

Let encryption protect the place where you keep the details: the body and the files.
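
A pre-send check that shows what stays readable on an encrypted message. This is an added example, not part of the original article; the sample message is constructed, and the subject-line patterns are assumed heuristics rather than a complete list.

```python
import re
from email import message_from_string

# Constructed sample: an S/MIME-encrypted message. The body is opaque,
# but every header below still travels in clear text.
SAMPLE = """\
From: clinic@example.org
To: mark.jones@example.com
Subject: Full cardiology report for Mark Jones, ID 4482913
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

Q09OU1RSVUNURUQ=
"""

# Assumed heuristics for this example; tune them to your own data types.
RISKY = [
    (re.compile(r"\d{6,}"), "long number (possible ID)"),
    (re.compile(r"\bfor\s+[A-Z][a-z]+\s+[A-Z][a-z]+"), "possible full name"),
    (re.compile(r"\b(diagnosis|cardiology|payroll)\b", re.I), "sensitive term"),
]


def body_is_encrypted(msg):
    """True for S/MIME enveloped data or a PGP/MIME (RFC 3156) body."""
    ctype = msg.get_content_type()
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        # pkcs7-mime is also used for signed-only mail, so check smime-type.
        smime_type = (msg.get_param("smime-type") or "").lower()
        return smime_type in ("enveloped-data", "authenveloped-data")
    return ctype == "multipart/encrypted"


def cleartext_exposure(raw):
    """Report whether the body is encrypted and what the headers still reveal."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    return {
        "encrypted_body": body_is_encrypted(msg),
        "visible_headers": [h for h in ("From", "To", "Cc", "Subject") if msg[h]],
        "subject_findings": [label for pat, label in RISKY if pat.search(subject)],
    }
```
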

Using the wrong recipient address

One small typo in an email address can send a private report to a stranger. Auto-complete in email apps can make this even easier.

Take a second to check the address list before you send. When you write to a new patient or client, paste the address from a trusted source rather than typing it from memory.

For very sensitive content, send a short plain email first to confirm the address, then send the encrypted message.

Forgetting file protection

Some teams enable encryption for the message body, yet attach files that already exist in plain text in many places. They think the email covers every risk.

Think about where the file goes next. The recipient may save it on a shared computer or forward it. File-level locks and secure portals help in those cases.

Use encrypted email for the path and smart file habits for the long term.

When an encrypted email is the right choice

Encrypted email works well when you already use email for a task and need more privacy. That includes lab results, quotes, HR notes, and many client updates.

It lets staff keep the tools they know, such as Outlook or Gmail, while adding background protection. It also leaves a clear record of what you sent and when.

When your work and rules allow email, encrypted email gives a clear upgrade over plain messages.

When a secure link may work better

Some data should not sit in any inbox at all. That includes master passwords, root keys, and one-time secrets. A secure link or secret sharing tool often suits those cases better.

With a secure link, the secret lives in a special service. The email contains only a one-time link. After the person opens it, the link can expire, and the secret can be removed from the service.

For very high-risk items, use email mainly as a notice, and keep the actual content behind a tightly controlled link.

Common questions

How do I send an encrypted email?

In short, you write your message, add files, enable encryption or protection, check the addresses, and send. Your email platform or secure portal then handles the coding part.

For a more detailed step-by-step guide, see how to encrypt an email. That article goes through each step from the sender’s side.

Can I send an encrypted email for free?

Many email services already use basic encryption in transit without extra cost. Some offer content encryption inside the platform at no extra fee for certain plans. Free tools exist for PGP and password-protected files.

Free paths often need more setup and training. Paid secure email services usually hide the complex work and add support. Start by checking what your current provider already offers on your plan.

Can recipients forward an encrypted email?

People can press forward on almost any email. What happens next depends on the system. Some secure services send only a link, so the forward does not give new people access to the content.

If a recipient copies text from a decrypted view into a new plain email, that new message loses the original protection. Training helps staff avoid that step for private topics.

Ask your provider how forwards work in their system and share that answer with your team.

Does encryption cover attachments?

In many modern platforms, yes. When you encrypt an email, the body and attachments gain the same protection and travel in coded form.

Even so, file-level locks still help. For larger or more sensitive files, see how to send encrypted files and secure documents via email. Those guides explain safe ways to handle files in addition to encrypted email.

Read next

To learn more about the tools behind this process, read how to encrypt an email. It connects the sending steps with the actual encryption methods.

If your main worry is the files themselves, read how to send encrypted files by email. That guide focuses on documents and folders.

For sensitive contracts, reports, and patient records, see how to send secure documents via email. It brings together message protection and document handling in one place.