Email encryption can sound like a wall of jargon. If you run a practice, clinic, or small firm, you do not want a textbook. You want clear meanings in plain English.
This glossary keeps the language simple. You can scan it, dip into single terms, and come back when a new phrase pops up. For a broad, non-technical overview of the topic, you can visit MailHippo’s main guide on encrypted email.
Why this glossary helps
Email and privacy tools often come with long terms that vendors throw around. Terms such as TLS, S/MIME, and public key appear on sales pages and in audit reports. Many people nod but do not feel fully sure.
This glossary gives short, direct definitions for those phrases. Each term uses simple language and a real-world context. That makes it easier to speak with IT staff, vendors, and auditors.
You can keep this page open while you read other guides. When you meet a new term, scroll here, read a few lines, and move on with more confidence.
Core email encryption terms
Email encryption
Email encryption is a way to protect email content with strong math. The message body and often the files turn into scrambled data that only certain people can read. The goal is to keep private information safe during sending and storage.
You still use normal email addresses and inboxes. The protection sits around the text and attachments. For a deeper guide, see MailHippo’s article on what email encryption is.
Encrypted email
An encrypted email is an individual message that has been encrypted. Its body and often its files no longer sit in plain text. Only people with the right keys or portal access can see the real content.
Mail servers move the message as usual. They see scrambled data instead of readable text. This makes stolen copies far less useful to attackers.
Secure email
Secure email is a broad term for email that operates within a safer environment. That setup may include spam filters, virus scanning, strong passwords, and sometimes encryption. The exact mix can differ from one provider to another.
Some services claim to offer “secure email” but do not encrypt every message end-to-end. Others combine strong content protection with account and device safety. It helps to ask what “secure” means in any given product.
Encrypted message
An encrypted message is any digital message where the content is scrambled. In this glossary, the focus stays on email. The same idea can apply to chat tools and file sharing.
The key point is that the text no longer appears clearly during transmission or in storage systems. Only people with matching keys or passwords can turn it back into readable text.
Encrypted attachment
An encrypted attachment is a file that travels in a protected form. It may be encrypted by the mail system, along with the email body. It may be a password-protected document that you attach.
In both cases, the file content stays scrambled until the right person opens it with a key or password. This matters a lot for reports, scans, and contracts that carry sensitive data.
Encryption methods
TLS
TLS stands for Transport Layer Security. It protects the link between mail servers, preventing people on shared networks from easily reading traffic. You can picture it as a secure tunnel for data in motion.
Most large email providers use TLS when they talk to each other. That works without extra steps from users in many cases. TLS mainly helps during transit, not always when messages sit in mailboxes.
End-to-end encryption
End-to-end encryption protects a message from one user to another user. Only the sender and the intended reader hold keys that can open the content. Mail servers in the middle move encrypted blocks and do not see the plaintext.
This model gives strong privacy for sensitive messages. It suits health, legal, and finance teams that handle high-risk data. MailHippo explains this further in the guide on TLS vs. end-to-end encryption for email.
PGP
PGP means Pretty Good Privacy. It is a long-standing standard for encrypting emails and files. Many privacy-minded users and some technical teams still rely on it.
PGP uses public and private key pairs. People share their public keys so others can send them encrypted email. They keep their private keys secret, so only they can open those messages.
S MIME
S MIME stands for Secure or Multipurpose Internet Mail Extensions. Many companies and health systems use it with email clients such as Outlook and Apple Mail. It builds on digital certificates that link keys to people or roles.
S MIME can encrypt email content and add digital signatures. A signature proves who sent the message and that nobody changed it during the trip. IT teams often manage certificates behind the scenes for staff.
Access and identity terms
Public key
A public key is a digital code that you can share safely. Other people use it to lock messages so only you can open them. It works as one half of a key pair.
When someone sends you an encrypted email, their system may use your public key. That step ties the message to your matching private key. Sharing a public key does not give anyone the power to read your messages.
Private key
A private key is the secret half of a key pair. Your device or secure account stores it. Only this key can open messages locked with your public key.
Email programs and portals use your private key during decryption. You normally do not see the key itself. Keeping this key safe is central to strong email protection.
Passphrase
A passphrase is a longer form of a password. It often uses several words in a row. People use passphrases to protect private keys or password-protected files.
Longer phrases are harder to guess or crack than short passwords. They still need to be easy enough for you to type and recall. A mix of length and variety gives better safety.
Certificate
A certificate is a digital document that proves identity for a key or system. In email, S MIME certificates link public keys to real users or departments. Trusted authorities issue these certificates.
Email programs can verify certificates to determine whether a message truly came from a named sender. They can also use them to find keys for encryption. Certificates make large-scale key use easier to manage.
Authentication
Authentication is the process of proving who you are in email and portals; it often means entering a password or code or using a sign-in app. Strong authentication helps keep accounts in the right hands.
Encrypted email tools use authentication to decide who may open a protected message. Without a pass, the system will not reveal the content. This step is the gate before decryption.
Email structure terms
Message body
The message body is the main text of an email. It holds greetings, notes, and all the details you type. In encryption tools, this part usually gains the most direct protection.
When an email is encrypted, the body turns into scrambled data. Only the right key can bring it back to normal words. That keeps private text out of easy reach.
Subject line
The subject line is the short title you see in the inbox list. Many systems keep this line in plain text so they can sort and group messages. Phones often show it in alerts.
This means subjects can leak more than people expect. For private topics, use short neutral subjects and keep real detail in the body. Encryption then has more to protect.
Metadata
Metadata is data about data. An email includes the sender and recipient addresses, times, and routing steps. Systems use metadata to move messages and track delivery.
Many encryption tools do not hide metadata. Someone with deep access can still see who talked to whom and when. They cannot read the message content from metadata alone.
Header
An email header is a block of technical lines at the top of a message. Normal inbox views hide most of it. The header holds routing data, server names, and other delivery details.
IT staff read headers to trace spam or delivery issues. Encryption usually focuses on the body and attachments, not on every field in the header.
Attachment
An attachment is a file that travels with an email. Common examples include PDFs, Word documents, spreadsheets, and images. Attachments often carry the most sensitive information.
Encrypted email tools can protect attachments by scrambling them along with the email body. Some systems replace attachments with secure download links to a portal.
Security and delivery terms
Encryption in transit
Encryption in transit protects data while it moves across networks. In email, this often means TLS between servers. The idea is to stop people on shared links from reading traffic.
Transit protection helps with open Wi-Fi and older network gear. It does not always protect messages once they are in mailboxes at both ends.
Encryption at rest
Encryption at rest protects data stored on disks or in cloud storage. When email content is encrypted at rest, the data sits on servers in scrambled form. Decryption happens only when a user opens it.
This step lowers the damage from stolen drives or some server breaches. Real setups can vary, so it helps to ask how a provider handles storage.
Secure portal
A secure portal is a website where people read protected messages and files. The email they receive often holds only a link to the portal, not the full content.
Recipients click the link, sign in, and view encrypted content inside the site. Portals work well when senders need to reach many outside contacts who use mixed email systems.
One-time passcode
A one-time passcode is a short code that is valid for a single login or action. Encrypted email tools often send this code by text or generate it on screen.
The user enters the code to open a protected message. After use, the code expires. This step adds safety, since stolen emails alone are not enough to gain access.
Password-protected file
A password-protected file is a document that requires a password to open. Common examples are locked PDFs or office documents. The file carries its own small layer of encryption.
People often share such files by email and send the password through another channel. This method helps when a fully encrypted email is not available. MailHippo covers this in the guide on password-protected file sharing.
Privacy and risk terms
Data privacy
Data privacy refers to the right of people to keep their personal information from being broadly exposed. Email encryption supports data privacy by hiding sensitive content from extra eyes.
Good privacy practice looks at collection, sharing, and storage, not just sending. Encryption forms one of several tools that together protect data.
Sensitive information
Sensitive information is data that can harm someone if exposed. Examples include health records, ID numbers, pay data, and legal details. Many laws treat this type of data with special care.
An encrypted email is often used when sensitive information must be moved by email. It lowers the impact if a message is intercepted or a mailbox is breached.
Confidential message
A confidential message should stay between a limited group. The term describes intent rather than a specific technology. Some tools add “confidential” labels inside email platforms.
Confidential messages are safer when they use encryption and tight access controls. Labels alone do not protect content.
Phishing
Phishing is a type of scam where fake messages try to trick people into sharing passwords or clicking on harmful links. These messages often pretend to be from banks, cloud services, or bosses.
An encrypted email does not stop phishing on its own. Spam filters, training, and safe habits play a key role here. Encryption is more effective once a real message exists.
Message forwarding
Message forwarding sends a copy of an email to a new address. People use it to loop others into a conversation or to pass on information.
With encrypted email, forwarding might send only a link or a shell, not the full content. New readers may still need the right access to open it. Forwarding plain text from a decrypted view removes that protection.
Business and compliance terms
HIPAA-compliant email encryption
HIPAA-compliant email encryption refers to email tools and configurations that comply with the privacy rules under HIPAA in the United States. HIPAA sets high expectations for how health data moves and sits in systems.
Email alone does not make you compliant. Policies, training, and contracts all matter. Encryption helps you meet rules for data in transit and at rest. MailHippo has a full guide to HIPAA-compliant email encryption for health teams.
Secure email for healthcare
Secure email for healthcare is an email that fits the needs of clinics, practices, and hospitals. It must protect patient data, support staff workflows, and line up with health privacy rules.
Such systems often blend encrypted email, secure portals, and strong access controls. They aim to be simple enough for both patients and busy clinicians. MailHippo explains this in secure email for healthcare teams.
Secure email for legal teams
Secure email for legal teams focuses on client confidentiality and case files. Lawyers share contracts, filings, and advice that must stay private. Email systems for this field often add logging and retention controls.
Encryption helps protect client messages and large bundles of documents sent to courts or other parties. Access tracking helps firms show who saw what and when.
Secure email for finance teams
Secure email for finance teams relates to banks, advisors, and internal finance staff. They handle account numbers, tax files, and pay data.
A good setup protects statements, forms, and approvals with encryption and strong sign-in. It may link to secure portals for file sharing and e-signature tools.
How to use this glossary with the rest of the guide
You can treat this page as your sidekick while you read other articles. When a term like PGP or certificate appears, jump back here, read the short definition, and then return to your main article.
If you want a structured introduction before you dive into the terms, start with MailHippo’s explainer on email encryption. Then keep this glossary open for quick checks.
Health teams that focus on patient data can pair this page with the guides on HIPAA-compliant email encryption and secure email for healthcare teams. That trio covers both words and real practice.
Common questions
What is the difference between secure email and encrypted email?
Secure email covers the entire email setup. It covers spam filtering, login safety, storage, and sometimes encryption. An encrypted email describes how a single message is scrambled so only certain people can read it.
A service can be secure in many ways and still send some messages without strong encryption. The best setups blend both system safety and content protection.
What does an encrypted message mean?
An encrypted message is one in which the content has been converted into coded data. A key or password is needed to turn it back into readable text.
In email, this usually applies to the body and attachments. The idea is to reduce the number of people and systems that can see the real content.
Is TLS the same as end-to-end encryption?
TLS and end-to-end encryption both use strong math, yet they protect different parts of the path. TLS protects the link between servers, so traffic on the wire is harder to read. End-to-end encryption protects messages from one user to another, even while they sit on servers.
Many services use TLS by default. Fewer offer full end-to-end encryption for every message. MailHippo’s guide on TLS vs. end-to-end encryption for email explains this split in more depth.
Does email encryption? cover attachments?
In many modern tools, yes. Email encryption often scrambles attachments along with the body. The files then travel and rest on servers in encrypted form.
Some setups move files into secure portals and instead place links in the message. In both plans, the file does not sit in plain view for every system that touches the email.
Read next
If you want a clear, story-style overview of the whole topic, read MailHippo’s guide on what email encryption is. It links many of these terms into one flow.
Health teams that handle patient data every day can go deeper with HIPAA-compliant email encryption. That article connects the glossary terms to real rules and audits.
For a broader look at safe communication in clinics and hospitals, visit secure email for healthcare teams. It shows how encryption, portals, and processes fit together in daily care.
