USE CASE:
  If you have a policy to check all outbound messages for sensitive information, you may want to detain the emails that triggered this policy for review, so that an administrator could decide whether the email should be sent via Secure Messenger or to stop it from leaving the company at all.

This can be achieved by quarantining the messages that triggered the policy, so that the administrator can review them first.

Here is a sample set of policies to achieve it:

1. Create a quarantine queue, designated to hold these messages (for easy access). (Set up > Quarantine Queue > Create)

2. Create a policy, that will catch the messages that may contain sensitive data.

In the example below, it is checking the subject, body and attachments against a wordlist. In this policy is important to have a custom header added and the same header as an exclusion. You can also include a notification to the policy, so that the administrator can be notified if such message is quarantined.

Here is a summary of such policy:

===================================================================
Policy type: Basic Mail Filtering , Sender based, applied to Internal
Catch messages where...
The entire message contains words in the list: "HIPAA Compliance"
But Exclude messages where...
X-SECURE exists
Take the following actions...
Quarantine the message into "Secure Messages" queue with no tag
and add header with name "X-SECURE" and value "true" to the message
===================================================================

3. Create a policy, that will redirect the approved messages to Secure Messenger:

===================================================================
Policy type: Unencrypted Message Filter , Sender based, applied to Internal
Summary of policy, ready to save:
Catch messages where...
Not encrypted by the client and will not be encrypted by the server
and X-SECURE exists
Take the following actions...
Encrypt and deliver the message via Secure Messenger using the "Your Profile" delivery profile
===================================================================

Here is what will be the behavior with these two policies enabled:

Each message that triggers the "HIPAA Compliance" in the subject will be held in the "Secure Messages" quarantine queue. When an administrator opens a message in the queue, he or she can select one of the following options:

Delete:   Message will be deleted and will not be delivered to the recipient
Release:   Message will be delivered to the recipient UNENCRYPTED and no further policies will apply
Return:   Message will be returned to the sender
Reprocess:   Message will be delivered to the recipient via Secure Messenger (if policy #2 exists)