This information standard defines the minimum non-functional requirements for a secure email service, covering the storage and transmission of email, including where email is used for the sharing of patient identifiable data. The standard includes:
- the information security of the email service
- transfer of sensitive information over insecure email
- access from the Internet or mobile devices
- exchange of information outside the boundaries of the secure standard.
This information standard is published under section 250 of the Health and Social Care Act 2012. An Information Standards Notice (see below) provides an overview of scope and implementation timescales and the other listed documents provide further detail for those who have to implement the information standard.