Secure email :: YourSpace Mersey Care

All staff are responsible for making sure emails are sent to the right individual(s), using the correct process and only containing the minimum necessary information which is essential and appropriate (in line with Data Protection legislation and Caldicott Principles).

To protect confidential, person-identifiable information staff must ensure the following is adhered to when sending via email:

Only use Trust-approved email accounts (ending merseycare.nhs.uk or nhs.net)
Never put person-identifiable information into the subject line of an email
Only use a person's initials and another identifier (eg NHS number, employee number, etc.) in the body of an email
Never use person-identifiable information to name any attachments
Ensure that a recipient's email address has been entered accurately or selected correctly from a provided address list.

Please note that the use of password protected documents is no longer Trust policy.

Emails containing confidential, person-identifiable information going external to the Trust's network and being sent to an insecure email address MUST be further protected by adding encryption.

How to apply encryption to an email

From Microsoft Outlook

(@merseycare.nhs.uk)

From NHSmail

(@nhs.net)

Type [secure] into the email subject line.

NB. [ENCRYPT] and [RW4ENCRYPT] can

also be used.

Type [secure] into the email subject line.

Please see the IM&T Security Standard SS03 - Internet & Email Security for further details.

Further Staff Guidance

The Secure Email Quick Reference Guide provides clarification on secure email addresses and the necessary action required when sending to insecure email addresses.
Email Security Poster - the three key areas which staff must consider before sending an email.

NHSmail - Guidance for sending secure emails and encryption

Secure email

Popular pages

Your most visited pages

Secure email

External emails

Accessibility tools