Skip to main content

NHSmail policies

As a secure email system, NHSmail must be operated and used in accordance with a set of clear policies and procedures.

All training and guidance materials for NHSmail are hosted on the support pages: NHSmail support site

NHSmail has recently been upgraded and the supplier changed from Vodafone to Accenture. The key NHSmail policies detailed below are in the process of being updated to reflect this change and will be re-published soon. They include:

NHSmail is available to organisations with a valid reason to use it. The NHSmail Access Policy provides full details.

Whilst the design and operation of a secure email system is a key part of making sure it is secure, it is also an obligation of users to make sure they use the service properly and without doing anything to compromise the security of the information that they send or receive.

For this reason, every NHSmail user is required to accept the NHSmail acceptable use policy v3 September 2018 when they register for the service. This is their promise to all NHSmail users and the public and patients we serve, that they will be mindful of the importance of the information that they share over NHSmail.

Information is stored in the NHSmail service for a variety of reasons and is retained in accordance with our policies. The NHSmail Data Retention and Information Management Policy defines the scope of data held and details the recovery of data. The process to request this is available in the NHSmail Access to Data Policy on the NHSmail portal help pages.

Our responsibilities for data protection are explained in the Transparency Information document located within the General Data Protection Regulation section of the NHSmail portal help pages


Last edited: 17 September 2019 2:12 pm