Sending a confidential email to the wrong recipient can create panic and urgency. How can you fix the problem? Can you pull the information back? Will there be any damage from this? What consequences might you face?

Understanding what happens next can help you make the right choices in a timely manner. We’ll explain the steps to take if you mistakenly send out sensitive information.

Key Takeaways

• Once confidential information is out there, putting the genie back in the bottle can be tough.

• When you accidentally send the email, you can try to unsend or redact it. If that doesn’t work, ask the person to delete the email and set up proper defenses.

• Trustworthy can help with alternative options to sending information via email.

What Happens If You Accidentally Email Confidential Information?

The sinking feeling when you realize you’ve sent an email to the wrong person – especially if the information in that email is very sensitive – is a moment you won’t forget and don’t want to repeat.

The first question that enters your mind might be how to get the information back. And if you can’t get it back, what will the consequences be?

In the best-case scenario, the person who received the confidential information will immediately recognize someone made a mistake in sending it to them and will delete the email. They might also inform you that you sent it to the wrong person. These people are worth their weight in gold!

However, not everyone will make things so easy. This is especially true if the confidential information is something they can use. For example, an email sent to an opposing counsel instead of your own attorney could turn into a serious problem.

The ramifications of sending confidential or sensitive information to the wrong person vary widely, depending on the nature of the information and the overall situation. If you work in a business where you are bound by a confidentiality clause, you could lose your job or at least lose certain privileges at work.

It’s important to consider what might happen if you send confidential information to the wrong person so you are well-prepared for the consequences. Trustworthy can help you avoid the damage altogether with a secure service that allows you to send confidential information safely online.

• Related: Best Practices for Safeguarding Online Communication

What to Do to Limit the Damages After Accidentally Emailing Confidential Information

Try these steps right away to mitigate the damage.

Unsend the Email

Some email platforms will allow you to unsend an email. There is usually a small timeframe to do so, often only a matter of up to 30 seconds. This is common with Gmail. However, other platforms, such as Outlook, allow you to set certain rules giving you several hours to unsend the email.

Kevin Stratvert, an ex-Microsoft employee, explains to unsend an email, you should:

“Click on the folder that says sent items, double click on that email message you want to take back, and now, on the top menu, you’ll see an icon that says More Move Actions. Click on that, and now you’ll see an option to Recall This Message… If you have a simplified ribbon (menu), over on the far right-hand side, click on the ellipsis, and you’ll see a category for Actions. And once again, you can now recall your message.”

Look at your email platform to find a “delay” – if you have it, turn it on. Though it might be too late for an unsend function to fix this particular mess, it can come in quite handy in the future.

Recall the Email

Some emails can be recalled. This will send a second email informing the recipient that the original email was recalled, but it might not delete the email. In a worst-case scenario, it might make them quite curious about what was sent to them and then recalled. This is available on most Outlook accounts, but other email clients might also use the service.

Ask the Recipient to Delete the Email

As soon as you realize what happened, you can ask the recipient to delete the email. You can do this by sending them an additional email with the request or by calling them to ask if they will do this for you. This might work very well if the recipient is a personal friend or someone who wants to protect you.

However, remember that the recipient is under no legal obligation to delete the email.

Report the Breach to Management

If this happens in the context of your employment, inform your management immediately. They will need to know you sent confidential information to the wrong person so they can take appropriate steps to shield the company. 

They will likely ask to look at your email account so they can see the exact information that was sent and when, as well as follow other protocols that might be in place.

Set Up Your Defense

Think about what confidential information was sent and act accordingly. If a Social Security number was in the email, set up fraud alerts to protect against that information being used in nefarious ways. 

If there were passwords, immediately change them and set up two-factor authentication for further protection. 

If the file contained sensitive information, consider what to do in the future, such as restricting access to only those who absolutely must have it.

Preventing Misdirected Emails Moving Forward

What’s done is done – but how can you avoid making this mistake again? Fortunately, some security tips can help you ensure sensitive data stays safe.

Turn to Trustworthy

Rather than relying on emails to pass important information, turn to the collaborative features offered by Trustworthy to handle sensitive matters. 

For instance, the Family Operating System allows you to store sensitive documents online in a secure place where everyone can access them – no email is required. SharePoint is another option that allows you to upload confidential or sensitive information and choose who has access to and management of it.

Set up Delays on Your Email

Setting up a delay on your email can be quite handy. While most email accounts allow you to pause sending an email for up to 30 seconds, others allow you to create rules that hold an email in your drafts for up to a few hours. Look at your email settings, determine which options are available, and implement them accordingly.

Double Check Your Recipient

Many email accounts offer an auto-complete function, which fills in an email address the program anticipates you will want to use. However, this can easily lead to sending an email to the wrong person.

For instance, let’s say you email someone in your organization named Kristen. You begin to type in the name, but the auto-complete pulls up an email contact for a person named Kristen, who happens to work at another company. Suddenly, you’re about to send an email to the wrong person!

Look carefully before you hit “send” on any email that uses auto-complete. Double-check and even triple-check that you have the intended recipient before you send anything.

In that same vein, ensure you use “reply” and not “reply all” if several recipients are involved. Ensure your words are going to the one person you intend them to go to, and not a long list of names.

Don’t Use Email

If you can avoid using email to transmit sensitive information, that’s the best option, according to Nolo. Finding a service where you can share documents and other information without the worries of email is a good bet – that’s where Trustworthy comes in. Trustworthy provides numerous ways to share sensitive information without worry that it will be intercepted or accidentally sent to the wrong party.

Frequently Asked Questions

How serious is a breach of confidentiality?

Depending upon the parties involved, it can be incredibly serious. For instance, someone could lose their job for sending sensitive information to the wrong person, lawsuits could ensue, or relationships – personal or professional – could be severed. 

The severity of the breach depends upon the type of information passed and the ramifications of someone else using information that was never meant for them.

Trustworthy provides exceptional document control that ensures you don’t have to worry about sending emails to the wrong person or facing the consequences of sensitive information falling into the wrong hands.

Is it illegal to forward a confidential email?

As long as there is no confidentiality agreement in place, a person who received an email that was not meant for them can forward it to others without legal ramifications. Even a disclaimer in the email is not legally binding.

What are the consequences of leaking confidential information?

That depends upon the nature of the information. The leaking of trade secrets could be devastating for a company, just as disclosing finances could be quite serious for an individual.

The consequences for the person who leaked the information depend on whether it was deliberate. Someone who chose to deliberately leak the information could lose their job, face a lawsuit, or even face criminal charges. However, someone who leaked it by mistake, such as sending an email they didn’t mean to send, will often face lesser consequences.