Skip to main content

The entire UNM Health Sciences Center (HSC) community uses an email program called "HSCLink."  Employees are given an HSCLink email account which will remain active until they leave the institution.

New email accounts in HSCLink are created on Monday, Wednesday, or Friday following the date when the user's HSC NetID is created. To see if an HSC account has an email account, please search for the person in the HSC directory (on campus access only) and look in the email address field.

Affiliate accounts do not receive a salud email account.  If one is needed a separate request will need to be made after the HSC NetID has been created.

If a person leaves or retires from the institution their email account will be automatically disabled unless they have been given an affiliate or emeritus role in the UNM Banner system.


Secure email is a system component that allows you to securely send and receive messages containing ePHI and other types of confidential information. Within this tool, secure email protects messages in transit over the Internet. Recipients of encrypted confidential email must maintain the security of the information by storing it in approved areas and forwarding it only to authorized recipients using the encrypted reply or forward option. External recipients can also use secure email to safely send reply messages back to the HSC sender.

HSC users who send ePHI and other confidential information using secure email should exercise good security awareness and send only the minimum necessary amount of information to authorized recipients. Secure email is just one part of the HSC’s IT security program, which consists of policies, security strategies and a work plan, in support of the HSC’s missions. Security awareness and good security practices, along with technical tools like this one, can help ensure public trust and confidence in the security of the HSC’s information systems.

How it Works

Adding *secure* anywhere in the subject line tells the email system to encrypt your message.External Recipient:

If your message is addressed to someone outside of the HSC email system, the recipient will be required to register his or her email address with the Cisco Registered Envelope Service (CRES) and create a password to use to unlock this message and future messages sent securely. The recipient can then reply securely using the reply button available on the secure message.

Secure Email Tutorial

Internal Recipient:

If your message is addressed to someone within the HSC system, the message will be delivered normally.

UNM Main Campus Recipient:

If your message is addressed to a person on main campus ( using an Office 365 exchange account, they will need to follow a different process to access the secure message. Please have them follow these instructions.

Secure Email for UNM Users

Phishing email messages, websites, and phone calls are designed to steal money or identity. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer.

Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you, call you on the phone, or convince you to download something off of a website.

Detecting Phishing Attempts

See how to spot an email Phish

Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.

Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address.

Phishing scams masked web address

Links might also lead you to .exe files. These kinds of file are known to spread malicious software.

Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message?  Cybercriminals often use threats that your security has been compromised. 

Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.

  • Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered.

Because certain types of email attachments pose a significant risk to HSC users, those email messages, along with their attachments, are automatically blocked by the email system. Common attachments that are blocked have extensions such as .exe, .cmd, .bat, .vbs or .zip. These are just some examples and are not the only attachments blocked by the email system.