NHSmail policies

Summary

As a secure email system, NHSmail must be operated and used in accordance with a set of clear policies and procedures.

All training and guidance materials for NHSmail are hosted on the support pages: NHSmail support site

NHSmail has recently been upgraded and the supplier changed from Vodafone to Accenture. The key NHSmail policies detailed below are in the process of being updated to reflect this change and will be re-published soon. They include:

NHSmail Access Policy

NHSmail is available to organisations with a valid reason to use it. The NHSmail Access Policy provides full details.

Acceptable Use Policy

Whilst the design and operation of a secure email system is a key part of making sure it is secure, it is also an obligation of users to make sure they use the service properly and without doing anything to compromise the security of the information that they send or receive.

For this reason, every NHSmail user is required to accept the NHSmail Acceptable Use Policy v2 August 2017 when they register for the service. This is their promise to all NHSmail users and the public and patients we serve, that they will be mindful of the importance of the information that they share over NHSmail.

Data Retention and Information Management Policy

Information is stored in the NHSmail service for a variety of reasons and is retained in accordance with our policies. The NHSmail Data Retention and Information Management Policy defines the scope of data held and details the recovery of data. The process to request this is available in the NHSmail Access to Data Policy on the NHSmail portal help pages.

Our responsibilities for data protection are explained in the Transparency Information document located within the General Data Protection Regulation section of the NHSmail portal help pages