Skip Navigation

The Secure Email Standard

Emails sent to and from the NHS must be protected to the UK government secure email standard and the Health and Social Care standard, to ensure that sensitive and confidential information is kept secure.

The current Health and Social Care secure email standard (DCB1596) establishes the minimum-security requirements for email systems in health, public health and adult social care.

Download the full secure email specification

Secure email accreditation review update - July 2017

The NHSmail Team has reviewed the DCB1596 standard and is working to continuously improve the standard and the accreditation process. The latest position is detailed here:

Secure Email Standard Accreditation Update

New secure email accreditation templates

Following the review of the secure email standard work, the templates used to submit accreditation evidence have been streamlined. The biggest change is in the 'Health and Care Organisation' section. We only require the name and date of the policy or document covering each requirement and suitable approvals to be in place.

Here are the templates that you must use to accredit your email service and should be returned, with the required evidence, to

icon DCB1596 Microsoft Office 365 Conformance Template [92.39KB]
icon DCB1596 Self Accreditation Conformance Template [101.85KB]
icon DCB1596 ICT Service Provider Template [100.69KB]

Microsoft Office 365: Secure Email Configuration Guide

The NHSmail team is rolling out a secure configuration of Microsoft Office 365 (O365) with Microsoft. This enables instances of O365 to securely route emails to and from NHSmail email addresses. icon Microsoft Office 365: Secure email configuration guide is available. [585.05KB]

Conformance statements

When suppliers and organisations meet the published standard they are listed here.

The statements below confirm how NHSmail and Microsoft Office 365 meet their email security obligations:

icon ISB 1596 conformance statement for NHSmail [179.97KB]
icon ISB 1596 conformance statement for Microsoft Office 365 [187.44KB]

The conformance statement below confirms how organisations meet their security obligations:


Your local helpdesk
Your local IT team should be your first point of contact for help with your account, such as unlocking your account or a password reset. They can also assist in setting up a mobile phone or email programme to connect to NHSmail.

NHSmail helpdesk
For all other queries regarding NHSmail, the national NHSmail helpdesk is available 24 hours a day, 365 days a year on 0333 200 1133, or via email at

We use cookies to provide you with a better service. Carry on browsing if you're happy with this, or find out how to manage cookies. Find out more