Here's a question asked over on UK Business Forums which we thought warranted a wider audience.
"We develop a Software as a Service Absence Management System which emails managers with details of employee's holidays and sickness. When a user logs an absence, they are able to enter free-text details to describe the absence, which may include health information. We disabled this functionality due to the risk of sensetive data being sent by insecure email, but clients want it back. What GDPR concerns do we need to consider if we add his function back into the system?"
When it comes to any system, whether it's an app or just a web page, the sending of information by email is a significant risk, particularly if that information is confidential or personal data.
Hand's up if you're website "contact us" form emails you the details the user completes in the form.
Now put your hand down if that content is encrypted.
Still got your hand up? If you have, then you really need to review your process, particularly if the form is personal data.
In the case of the question asked above, a HR App should never send personal data of any kind "in the clear" over an unencrypted means, even if that is just internal to the users because you don't know where a user may be when they receive that email, how secure their connection to the email server is, or if indeed their device(s) are secure enough to contain that personal data, let alone the ability for them to share it without your knowledge.
Any app where personal data is collected and exchanged, should safely do so within the app alone. If you need to trigger a user action, say a review of a Return to Work Form, instead of emailing the form contents to the manager, send them a link that they can click, log in, and view the content in the app. That's much more secure and apart from a single click and log in, is just as easy as reading an email and forwarding it to HR or replying to it.
If you have a website form that is emailed, you can usually do the same as the above example. Instead of emailing the entire form, just send a link to the relevant users who need to see that information. Better still, use data integration to send those forms into your CRM system securely so you're not keeping the data on your website, and you can trigger a sales worflow to follow up that lead!