>

Glossary Home

What will I learn?

  1. What is email journaling?
  2. Why is email journaling critical for business compliance?
  3. What does email journaling capture?
  4. How does email journaling work?

Related Content

Glossary Home

Email journaling

What is email journaling? 

Email journaling is the automated process of capturing and storing tamper-proof copies of all email communications in real time for compliance and archival purposes. This process captures emails in transit and sends a copy to a specialized mailbox—such as a journal mailbox in Microsoft Exchange or an external archiving solution like Google Workspace—for storage.

Why is email journaling critical for business compliance? 

1. Legal and regulatory requirements: 

Depending on the region and industry an organization operates in, email journaling has become a mandatory legal requirement. Key regulations that mandate this compliance process include: 

  • General Data Protection Regulation (GDPR): GDPR requires organizations to maintain demonstrable records of data processing activities, including email communications involving personal data.
  • Health Insurance Portability and Accountability Act (HIPAA): HIPAA requires that electronic communications containing protected health information (PHI) be stored securely.
  • Securities and Exchange Commission (SEC) Rule 17a-4: The rule requires broker-dealers to retain all business-related electronic communications in a non-rewritable, non-erasable format, i.e., Write Once, Read Many (WORM) for defined periods, typically three to six years.
  • Financial Industry Regulatory Authority (FINRA): FINRA mandates that financial institutions store and monitor all electronic communications, retaining messages for at least three years in most cases and certain records for a minimum of six years. 

2. Reliable record keeping 

The administrators manage the journal mailbox separately from standard user mailboxes and deliberately restrict access to regular end users, ensuring that no one can tamper with or alter its contents. Only compliance officers and administrators with specific roles have access to inspect these records for investigation. 

3. Audit and investigation support 

For audits or internal investigations, organizations must rely on complete and trustworthy email records. By capturing messages at the server level—before end users can edit or delete them—journaling preserves unaltered evidence, making it a reliable foundation for audit reviews and investigations. 

4. eDiscovery

Legal authorities can ask the organization to provide email evidence if it's involved in a legal case. Email journaling makes it easier to locate and provide relevant emails quickly using eDiscovery. 

What does email journaling capture? 

Email journaling records every email transaction that flows through an organization's mail system, including: 

  • Emails received from external senders.
  • Emails sent to external recipients.
  • Internal emails exchanged within the organization.
  • Email attachments and metadata. 

How does email journaling work? 

Email journaling works at the mail server level. Email journaling works in four steps: 

  1. An email is sent or received within or across the organization.
  2. The journaling agent in the mail server intercepts the email while it's in transit and creates an exact copy, packaged as a journalreport.
  3. The journal report is directed to the journal mailbox. It contains the full email content along with the message envelope—a record of all email addresses associated with that message, including to, cc, and bcc recipients.
  4. The mail server delivers the original email to the intended recipient as usual, with no disruption or delay.