On January 15, 2019 Microsoft will enable the Office 365 Message Encryption (OME) mail rule for our servers. This will automatically apply to any message sent from Office 365 if it includes any of the sensitive data types. Recently Microsoft improved Office 365 Message Encryption so that users can send encrypted and protected messages to anyone inside or outside the organization. They are creating this automatic policy so that our customers are protected by default.
This rule will automatically encrypt emails going outside your organization with the Encrypt-Only policy if they contain the following sensitive types:
- ABA Routing Number
- Credit Card Number
- Drug Enforcement Agency (DEA) Number
- International Classification of Diseases (ICD-9-CM)
- International Classification of Diseases (ICD-10-CM)
- U.S. / U.K. Passport Number
- U.S. Bank Account Number
- U.S. Individual Taxpayer Identification Number (ITIN)
- U.S. Social Security Number (SSN)
More detailed information can be found in this video https://youtu.be/CQR0cG_iEUc from Microsoft.