Name: Secure Email
Creator: nhs-digital

This information standard defines the minimum non-functional requirements for a secure email service

secure-email

nhs-digital

NHS Digital

Secure Email

Explore listings for information standards, services and APIs used in health and social care technology.

published-standards

Published standards

* [Home](https://data.standards.nhs.uk/)

## Browse by care setting

* [Hospitals](/published-standards?care_setting=Hospital)
* [GP and primary care](/published-standards?care_setting=GP+%2F+Primary+care)
* [Social care](/published-standards?care_setting=Social+care)
* [Browse all care settings](/published-standards)

##  Browse by topic

* [Appointments](/published-standards?topic=Appointment+%2F+scheduling)
* [Access to records](/published-standards?topic=Access+to+records)
* [Vaccination](/published-standards?topic=Vaccination)
* [Browse all topics](/published-standards)

## Browse by type

* [Technical standards and specifications](/published-standards?standard_category=Technical+standards+and+specifications)
* [Record standards](/published-standards?standard_category=Record+standards)
* [Data definitions and terminologies](/published-standards?standard_category=Data+definitions+and+terminologies)
* [Browse all standard types](/published-standards)
* [Current standards](/published-standards)
* [Browse future standards](/future-standards)
* [Browse about standards](/about-standards)
    * [What is interoperability](/about-standards#what-is-interoperability)
    * [What we mean by standards](/about-standards#what-we-mean-by-standards)
    * [Benefits to patients and staff](/about-standards#benefits-to-patients-and-staff)
    * [Report a gap in standards](/about-standards#report-a-gap-in-standards)
* [Help and resources](/help-and-resources)
    * [Data Standards Directory mailbox](/help-and-resources#data-standards-directory-mailbox)
    * [Standard development bodies](/help-and-resources#standard-development-bodies)
    * [Discussion forums](/help-and-resources#discussion-forums)
    * [Technology regulations](/help-and-resources#technology-regulations)
    * [Platforms for buying and selling IT](/help-and-resources#platforms-for-buying-and-selling-it)
    * [Design kits and case studies](/help-and-resources#design-kits-and-case-studies)
* [Accessibility statement](/accessibility-statement)
* [Cookies](/cookie-policy)
* [Privacy](/privacy-policy)
* [About this service](/about-this-service)
    * [What this service does](/about-this-service#what-this-service-does)
    * [Who this service is for](/about-this-service#who-this-service-is-for)
    * [What standards are included](/about-this-service#what-standards-are-covered)
    * [Who manages this service](/about-this-service#how-this-service-works)
* [Feedback](https://docs.google.com/forms/d/e/1FAIpQLSc3t0kyD6f8kkvgRnqtj5uUmozq_oACBWrOqhrDBmzzqlfRHA/viewform) 

A sitemap for the NHS Data Standards Directory

site-map

Site map

This accessibility statement applies to the NHS Data Standards Directory. 

We want as many people as possible to be able to use this website. For example, this means you should be able to:
* change colours, contrast levels and fonts
* zoom in up to 300% without the text spilling off the screen
* navigate most of the website using just a keyboard
* listen to most of the website using a screen reader
* we have also made the website text as simple as possible to understand

[AbilityNet](https://mcmw.abilitynet.org.uk/) has advice on making your device easier to use if you have a disability.

## How accessible this website is
We know from several accessibility reports that parts of this website are not fully accessible.

### Usability issues
We have identified some issues that, although do not fail to meet Web Content Accessibility Guidelines (WCAG) 2.1, may prove challenging for users of the website. These include:
* some heading levels in the homepage increase by more than one level at a time
* some additional features within the filter section of the Current standards page may be beneficial for some blind users, such as the option to reset the filter options
* the details component used in standard listing pages is problematic for VoiceOver users
* the feedback link below the main menu does not include the destination as part of the hypertext
* when Window’s default colour inversion is used the search input is difficult to decipher for users with low vision
* nested lists in some of our content pages can make reading slow and difficult to some screen readers
* links to websites or software that we do not own or manage and so cannot guarantee their accessibility

We are actively working to address these issues as part of an ongoing programme to improve the accessibility of this website.

### Other websites that the directory signposts to
Many of the links to standard documentation that we signpost use PDFs which are not fully accessible to screen reader software. Some of these PDFs are required to access the specification or implementation guidance for the standards.

If you're having problems using these PDFs, contact the standard owner for advice.

## Feedback and contact information
We are always looking to improve the accessibility of this website. Contact england.interop.standards@nhs.net if you have an accessibility query including:
* issues with accessing information or using this website
* an accessibility problem not listed on this statement
* any positive feedback about this website's accessibility

## Enforcement procedure
If you contact us with a complaint and you are not happy with our response, [contact the Equality Advisory and Support Service (EASS)](https://www.equalityadvisoryservice.com/).
The Equality and Human Rights Commission (EHRC) is responsible for enforcing the [Public Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018 on legislation.gov.uk](https://www.legislation.gov.uk/uksi/2018/952/contents/made) (the "accessibility regulations").

## Technical information about this website's accessibility
We're committed to making this website accessible, in accordance with the accessibility regulations.

### Compliance status
This website is compliant with the Web Content Accessibility Guidelines (WCAG) version 2.1 AA standard. This means we have addressed all the level A and AA accessibility issues identified through internal tests or raised by an external evaluator.

## Preparation of this accessibility statement
This statement was updated in November 2022.

This website was last tested in September 2022 by the [Digital Accessibility Centre (DAC)](https://digitalaccessibilitycentre.org/), who performed an expert evaluation against all level A and AA success criteria of WCAG 2.1. The [new Future standards](/future-standards) page was published after the last review and hasn't been tested by an external evaluator yet. This website's accessibility will continue to be reviewed on a regular basis. 

Check how accessible our website is for disabled people and others.

accessibility-statement

Accessibility statement

Your privacy is important to us. This privacy policy covers what we collect and how we use, share and store your information.

This page tells you:

* about the information we may collect
* how we keep your data secure
* who we share your data with
* about your rights to see or change information we hold about you

## Information we may collect

You can leave feedback on some pages of the website or on a user survey. You can choose to share your email address if you want a reply by emailing the team directly on [england.interop.standards@nhs.net](mailto:england.interop.standards@nhs.net). Otherwise, we collect and store feedback anonymously.

### How we use cookies

Our website uses cookies. These are small files saved on your phone, tablet or computer when you visit a website. They store information about how you use the website, such as the pages you visit.

The law says that we can store cookies on your device if they are strictly necessary to make our website work. We need your permission for all other types of cookies before we can use them on your device.

We like to use analytics cookies that measure how you use our website and help us improve our service for future users but we only use these cookies if you say it's OK.

[Read our cookie policy](/cookie-policy) to find out more about the cookies we use and tell us if we can put analytics cookies on your device.

We sometimes use tools on other organisations' websites to collect data or to ask for feedback. These tools set their own cookies.

#### How we collect and store your data

If you interact with us on social media, we may receive some personally identifiable data about you, which is supplied by the channel you are using (for example, Twitter or Linkedin). This may include:

* your name
* social media handles (such as Twitter account name)
* location history (where you are contacting us from)
* images (such as your profile picture)

We will process and store your data in accordance with the terms and conditions and privacy policy of the platform in question. You should be aware that your use of these platforms is governed by the terms and conditions agreed between you and the platform, rather than with us.

We will not remove, duplicate or transfer your personal data from or between any of the social platforms that we use, except for when you give us explicit permission to do so or when we believe that we need to in order to respond to an urgent risk to health.

You should be aware that social networks may control some of the data associated with interactions between you (the user) and us (NHS Data Standards Directory) on their platforms. For example, we will be able to delete our own records of a private message conversation if you ask us to do so, but social networks may store a copy of this conversation that we are unable to access.

We recommend using the privacy tools built into the social networks in question to make sure you are able to exercise your rights appropriately.

#### Understanding how social networks use your data

Social networks use information about your online activity to build a profile of you. This data is then used (anonymously) to send you targeted adverts across various digital platforms.

You should be aware that interacting with accounts such as ours may help build the profile of you that social networks maintain, and that could potentially result in you receiving adverts about related issues.

This process of collecting data for advertising purposes is not controlled by the NHS Data Standards Directory, and we do not have access to the profiling data stored by social networks about you.


## Keeping your personal data secure

We convert your data into secure code (encrypt it) and store it on secure servers in England. A partner organisation is providing hosting services but has no say in how the information is used. There are no legal ways for their employees to see the data. Only approved people in the NHS Data Standards Directory team can see it.

If you shared your email with us as part of a survey, we will delete it after 2 years. At that point no one can identify you in the survey data.


## Data sharing

NHS England and Improvement may share anonymous information on how the service is used with NHS Digital, the Data Alliance Partnership Board, NHS API Catalogue, and the Professional Records Standards Body.

### Legal powers

When you give us personal information, we may pass it on if the law says we must.

If you make a claim against us, we and other third parties such as our solicitors may need to look at this information.

We will not share your personal information with anyone else without your permission for any other reason.


## Your rights

You can:


* find out what information we hold about you, ask us to correct it if it's wrong, or delete it by emailing [england.interop.standards@nhs.net](mailto:england.interop.standards@nhs.net). 
* contact the [Information Commissioner's Office](https://ico.org.uk/), Wycliffe House Water Lane, Wilmslow SK9 5AF if you want to make a complaint about how we have managed your data

Check how we collect, use, share and store data for people visiting our website.

privacy-policy

Privacy policy

## What are cookies?

Cookies are files saved on your phone, tablet or computer when you visit a website.

They store information about how you use the website, such as the pages you visit.

Cookies are not viruses or computer programs. They are very small so do not take up much space.

## How we use cookies

We only use cookies to:

* make our website work
* measure how you use our website, such as which links you click on (analytics cookies), if you give us permission

We do not use any other cookies, for example, cookies that remember your settings or cookies that help with health campaigns.

We sometimes use tools on other organisations' websites to collect data or to ask for feedback. These tools set their own cookies.

Check how we use cookies to collect and store information about visits to our website.

cookie-policy

Cookie policy

Find standards being assessed by the Data Alliance Partnership Board with a view to mandatory implementation in England. For more information or to propose a new standard, email <a href="mailto:england.interop.standards@nhs.net">england.interop.standards@nhs.net</a>


future-standards

Future standards

Roadmap of future requirements in England

### Data Standards Directory mailbox

You can contact the team who manage the Data Standards Directory by emailing england.interop.standards@nhs.net.

### Standard development bodies

[The Data Alliance Partnership Board](https://digital.nhs.uk/data-and-information/information-standards/information-standards-and-data-collections-including-extractions/data-alliance-partnership-board) approves information standards, data collections and extractions for health and adult social care in England. 

[Government Digital Service](https://www.gov.uk/government/organisations/government-digital-service) owns the [UK government’s API Catalogue](https://www.api.gov.uk/#uk-public-sector-apis) which lists public sector APIs. They also oversee the [Data Standards Authority](https://www.gov.uk/government/groups/data-standards-authority) which sets standards for data-sharing in government.

[HL7 UK](https://www.hl7.org.uk/) develops standards for exchanging electronic health information in the UK.

[NHS Digital](https://digital.nhs.uk/) owns the [NHS' API Catalogue](https://digital.nhs.uk/developer/api-catalogue) which lists APIs for use in the NHS. New APIs can be voted on in their [product backlog](https://nhs-digital-api-management.featureupvote.com). 

[The Professional Record Standards Body](https://theprsb.org/) develops standards for patient and care records. 

### Discussion forums

[FutureNHS](https://future.nhs.uk/) is a platform for health and social care professionals to connect.

INTEROPen is a place to discuss standards development and usage in health and social care. Their [discussion forum](https://interopen.ryver.com/application/login) is hosted on Ryvver - email membership@interopen.org to join.

[Digital health networks](https://digitalhealthnetworks.net/) are where health and social care professionals can support the digital agenda through discussions and events.

### Technology regulations

The [NHS Service Standard](https://service-manual.nhs.uk/standards-and-technology/service-standard) and [GDS Service Standard](https://www.gov.uk/service-manual/service-standard) are standards for designing and building online services. [Point 17 of the NHS Service Standard](https://service-manual.nhs.uk/standards-and-technology/service-standard-points/17-make-your-service-interoperable) states that technology must implement standards that support interoperability. 

The [Technology Code of Practice](https://www.gov.uk/guidance/the-technology-code-of-practice) is a set of criteria to help government build or buy technology. 
 
The [Web Content Accessibility Guidelines](https://www.w3.org/TR/WCAG21/) are a requirement for all public sector websites and apps.

### Platforms for buying and selling IT

[GP IT Futures Capabilities & Standards](https://gpitbjss.atlassian.net/wiki/spaces/GPITF/overview?homepageId=1391134009) is a commercial framework for primary care technology.

[Health Systems Support Framework](https://www.england.nhs.uk/hssf/) is a commercial framework for non-clinical solutions related to population health management such as advanced analytics and digital infrastructure.  

[The Digital Social Care Records Dynamic Purchasing System](https://www.digitalsocialcare.co.uk/social-care-technology/digital-social-care-records-dynamic-purchasing-system/) is a commercial framework for solutions that digitise social care records.

### Design kits and case studies

[The NHS Design System](https://service-manual.nhs.uk/design-system) has design patterns and style guides for use in NHS digital services.

[The GOV.UK Design System](https://design-system.service.gov.uk/) has design patterns and style guides for use in all public sector digital services.

[NHS digital playbooks](https://www.nhsx.nhs.uk/key-tools-and-info/digital-playbooks/) show examples of how care pathways have been improved with technology.


Explore resources for the data standards community in health and social care including links to discussion forums and government regulations.

help-and-resources

Help and resources

## What this service does

The directory is a source of recognised standards used by technologies in health and adult social care to exchange data in England. 

It is a signposting service only. It doesn’t include the full documentation for each standard. This can be found on the standard owner’s website.

This service is currently in development and is being tested and improved based on feedback. To report a problem or make a suggestion, email  <a href="mailto:england.interop.standards@nhs.net">england.interop.standards@nhs.net</a>.

To learn more about why this service was needed and the future plans for it there is a <a href="https://digital.nhs.uk/blog/tech-talk/2022/discovering-data-standards-together">2022 blog written by the Product Manager</a> of the NHS Data Standards Directory.

[Find out more about standards](/about-standards).

## Who this service is for

This service is for anyone building or buying digital technologies for the NHS or local authority-funded adult social care services in England. 

This includes IT suppliers, healthcare providers and technology buyers such as procurement teams and framework operators.

## What standards are included

The directory lists all standards that are mandated at a national level as well as some standards that are not mandatory but are widely in use in England. These include: 

* all approved national [information standards](https://digital.nhs.uk/data-and-information/information-standards/information-standards-and-data-collections-including-extractions/publications-and-notifications/standards-and-collections#approved-standards-and-collections). These are assured by the [Data Alliance Partnership Board](https://digital.nhs.uk/data-and-information/information-standards/information-standards-and-data-collections-including-extractions/data-alliance-partnership-board) and issued with an Information Standard Notice, which means they are mandatory.
* APIs published in [NHS Digital's API Catalogue](https://digital.nhs.uk/developer/api-catalogue)
* record standards published by the [Professional Record Standards Body](https://theprsb.org/)

It also includes draft APIs and draft standards that are in the process of being assured at the national level.

More standards are likely to be added to the directory in the future. You can find [data collections and extractions on NHS Digital’s website](https://digital.nhs.uk/data-and-information/information-standards/information-standards-and-data-collections-including-extractions/publications-and-notifications/standards-and-collections#approved-standards-and-collections). 

When writing information around standards there is an aim to provide clear, accessible and useful metadata to enable everyone to understand it. Details of which can be read in this <a href="https://services.blog.gov.uk/2022/12/14/how-content-design-helped-to-frame-a-new-service-around-nhs-data-standards/">2022 blog on the use of content design to build the Standards Directory.</a>

## Who manages this service

This service is managed by NHS England working closely with organisations involved in standards development. You can contact the standards directory team by emailing <a href="mailto:england.interop.standards@nhs.net">england.interop.standards@nhs.net</a>.

Check who owns and manages the NHS Data Standards Directory and what the service is for.

about-this-service

About this service

### What we mean by standards
This service contains standards, which we group into 4 categories:

*   **record standards** define what information to collect and how to format it, for example when registering a new patient

[Browse record standards](/published-standards?standard_category=Record+standards).

*   **data definitions and terminologies** define the format of data items so they can be consistently represented, for example names of medications. Reference sets and controlled lists and also included.

[Browse data definitions and terminologies](/published-standards?standard_category=Data+definitions+and+terminologies).

*   **technical standards and specifications** specify how to make information available technically including how the data is structured and transported

[Browse technical standards and specifications](/published-standards?standard_category=Technical+standards+and+specifications).

* **information codes of practice** are legal or best practice guidelines on how information should be handled

[Browse information codes of practice](/published-standards?standard_category=Information+codes+of+practice).

Not every standard that exists is listed in this service. You can [find out which standards are included](/about-this-service#what-standards-are-included). 

### Benefits of using standards
There are many benefits to using data standards including:

* it’s more efficient to reuse existing approaches to recording or exchanging data than creating new ones
* it promotes quality by ensuring all care settings are aligned to standards that have been approved by qualified bodies
* it makes it easier to analyse data at the national level and see trends or problems if the data has all been standardised 
* it is essential to achieving interoperability, which would allow IT systems across the country to share data. An example of this is hospitals being able to update GP records directly using their own systems instead of sending emails

### Report a gap in standards
Work is underway to publish a process for people developing new data standards. 

In the meantime, please notify us of plans to create new standards by emailing england.interop.standards@nhs.net. Local standards that apply at the national level may be uplifted for national use.  


Find out about the different types and benefits of data standards in health and social care and how to report a gap in standards.

Secure Email

About this standard

Link to standard

Topics and care settings

Dependencies and related standards

Assurance and endorsements