Is it appropriate to not use email for high sensitive or confidential information?

Handling highly sensitive information calls for secure communication channels rather than plain email. Regular email can be read by unauthorized parties, stored on multiple servers, accidentally forwarded, or exposed if a password is compromised, which increases the risk of a data breach. Because of these risks, it’s appropriate to avoid using email for confidential data and instead use encrypted email, secure portals, or other protected transfer methods that provide stronger access controls and end-to-end protection. While there are scenarios where encrypted or policy-compliant email might be acceptable, the general guidance is to choose safer methods for high-sensitivity information, which is why the statement aligns with best practice.