Sending an E-Mail with Social Security Number(s) in Outlook to an Internal Recipient


What happens when I send an e-mail containing Social Security Number(s) to an e-mail address?


  • Microsoft Information Protection
  • Outlook
  • Outlook 365 (web version)


Expected behavior for detected SSN(s) with internal recipient(s) (any address). 

  • When writing an e-mail message that contains at least one Social Security Number to another Macomb e-mail address, a tool tip will appear. 

 Note: This example is using randomly generated test Social Security Numbers. 


  • If you must send an e-mail with SSNs to another Macomb e-mail address, change the Sensitivity label to Secret so that the message is encrypted and the contents of the e-mail cannot be forwarded, printed, or copied. Only the recipient(s) of the e-mail will be able to open the message. 


  • To verify the Sensitivity label has been changed, a notification will appear under the Policy Tip. There will also be a green check mark next to the label in the Sensitivity label drop down. 

  • A notification e-mail is then received from Microsoft Outlook The purpose of the notification e-mail is to let the sender know that they just sent an e-mail that contains SSN(s) and the contents have automatically been encrypted. The e-mail that matched against this policy will be in this e-mail as an attachment. 

  • The Macomb recipient(s) will receive the encrypted message, and will not be able to forward, print, or copy the contents of the e-mail. The user that granted the permissions (who sent the e-mail) will be listed. 


How to manually override a false positive Social Security Number 

  • If the e-mail has been wrongly classified as having a Social Security Number, you can report it as a false positive. 
  • Under the policy tip, select override. 

  • Once clicked, the tool tip will change to verify that it has been reported.


Article ID: 147284
Tue 10/18/22 3:49 PM
Tue 10/18/22 3:50 PM