Publish date: 24 October 2023
Where personal, confidential or sensitive information needs to be sent using email, the email must be sent securely.
NHS Cheshire and Merseyside have shared some guidance on how to send secure emails.
How do I know if my email is secure?
To check you are sending emails securely, please read your guide to sending secure emails.
Where an email cannot be sent securely, you will need to manually encrypt your email so that it cannot be read by anyone other than the intended recipient. Email encryption also ensures the message cannot be copied or forwarded on.
How do I encrypt my email?
Encrypting an email message means that the content of the email is converted from readable plain text into scrambled coded text. Only the intended recipient can read the message.
To encrypt your email, type [secure] in front of your subject line as shown in the example below. When this message is sent, it will be sent as a secure encrypted message.
Important please note: If you have previously used the word [encrypt] in front of your subject line, your email will have been sent as a secure encrypted message.
What will this mean for the email recipient?
The recipient may need to enter a one-time passcode to access the encrypted email. This will not impact the delivery of the email.
Further information and support
In line with NHS England guidance, organisations with secure email standard (DCB1596) are able to securely email each other without any further encryption required.
All organisations listed within DCB1596 Accredited Organisations are secure to send and receive emails between each other without further encryption. This list is managed by NHS England.
Please be aware that the guide on sending secure emails below will be updated as other NHS email domains are accredited to the DCB1596 secure email standard. As such, please always refer to the document review history to ensure you are referring to the most up-to-date guidance.