Supporting documentation required for accreditation approval

You should include the following documents with your accreditation. 

Office 365

As most of the requirements for Office 365 have been addressed by Microsoft, you will need to submit a completed DCB1596 Microsoft Office 365 conformance template detailing the organisation’s secure domain. You can download a copy of the template from the secure email standard web page.

We also verify Office 365 accreditations using the National Cyber Security Centre Mail Check tool to ensure that all technical requirements to the email domains have been applied.

Self-management

You will need to submit a completed DCB1596 Self Accreditation Conformance template giving information about the organisation’s secure domain. You can download a copy of the template from the secure email standard web page

We also verify self-management accreditations using the National Cyber Security Centre Mail Check tool to ensure that all technical requirements to the email domains have been applied.  

Is *gov.uk a trusted domain? 

All government organisations are required to encrypt email in transit, so there should be no instance of a government organisation not encrypting email in transit.

This does not have to be enforced TLS and we have taken an approach that we will not support any requests for enforced TLS for clinical safety reasons. You can learn more by reading the guide for government organisations.