Skip to main content

NHSmail policies

As a secure email system, NHSmail must be operated and used in accordance with a set of clear policies and procedures.

All training and guidance materials for NHSmail are hosted on the NHSmail support site.

We have provided a list of the main NHSmail policies.

NHSmail access policy

NHSmail is available to organisations with a valid reason to use it. The NHSmail Access Policy provides full details.

Acceptable use policy

Whilst the design and operation of a secure email system is a key part of making sure it is secure, it is also an obligation of users to make sure they use the service properly and without doing anything to compromise the security of the information that they send or receive.

For this reason, every NHSmail user is required to accept the NHSmail acceptable use policy when they register for the service. This is their promise to all NHSmail users and the public and patients we serve, that they will be mindful of the importance of the information that they share over NHSmail.

Data Retention and Information Management policy

Information is stored in the NHSmail service for a variety of reasons and is retained in accordance with our policies. The NHSMail Data Retention and Information Management policy defines the scope of data held and details the recovery of data. The process to request this is available in the The NHSmail Access to Data policy on the NHSmail portal help pages. 

Our responsibilities for data protection are explained in the Transparency Information document located within the General Data Protection Regulation section of the NHSmail portal help pages


Last edited: 22 February 2021 9:10 am