Secure Email
This information standard defines the minimum non-functional requirements for a secure email service
About this standard
- Owner
- NHS Digital
- Status
- Active
Show definitions of statuses
Active standards are stable, maintained and have been assured or endorsed for use by qualified bodies.
Standards in development are APIs or API standards in alpha or beta, meaning they are available for use but are still in progress and may change.
Deprecated standards are older versions of a standard which are being phased out.
Retired standards are not being maintained and should not be used.
- Standard type
- Technical standards and specifications
Show definitions of standard types
Record standards define what information to collect and how to format it, for example when registering a new patient.
Data definitions and terminologies define the format of individual data items so they can be consistently represented, for example dates or medication names. Reference sets and controlled lists are also included.
Technical standards and specifications specify how to make information available technically including how the data is structured and transported.
Information codes of practice are legal or best practice guidelines on how information should be handled.
- Contact details
- standards.assurance@nhs.net
Link to standard
- Documentation
- View documentation for this standardopens in a new tab
(opens in new tab)
Topics and care settings
- Topic
- Information governance
- Security
- Care setting
- Community health
- Dentistry
- Hospital
- Maternity
- Mental health
- Pharmacy
- GP / Primary care
- Social care
- Urgent and Emergency Care
Dependencies and related standards
- Dependencies
No known dependencies
- Related standards
- DCB0086 Data Security and Protection Toolkit
- DCB0160 Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems
- DCB0129 Clinical Risk Management: its Application in the Manufacture of Health IT Systems
- BS ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems - Requirements
- BS ISO/IEC 27002:2013 Information technology. Security techniques. Code of practice for information security controls Cabinet Office Guidance
- RFC5246 and RFC 8446 (TLS)
- RFC7208 (SPF)
- RFC6377 (DKIM)
- RFC7489 (DMARC)
- RFC8640 (TLS-RPT)
- RFC8461 (MTA-STS)
- Health and Social Care Guidance
- NHS and social care data: off-shoring and the use of public cloud services
Assurance and endorsements
- Reference code for standards issued as requirements in England
- DCB1596
- Quality assurance
This standard has been approved by the Data Coordination Board (legacy) and published as an information standard notice (ISN).
- Endorsements
- Not applicable
Page last updated: 22 November 2022