NHSmail is a centrally funded and managed secure email and communications service which is approved by the NHS for exchanging patient data.
The NHSmail service is available anywhere, over either the NHS N3 network or the open internet. The service can be viewed through a free web based client or alternatively pharmacies can choose to connect the service to a local email client they have purchased, for example Microsoft Outlook.
The key benefit of the service is its security, which means it can be used for transmission of patient information between health professionals. Examples of the types of information that can be transmitted through the service include patient MUR information and hospital discharge communications.
For a number of years, community pharmacies in England have been able to request a shared NHSmail account. To access a shared NHSmail mailbox, users must have their own personal NHSmail address which is linked to the shared mailbox. This is to allow different staff members to access the mailbox without sharing of login details.
NHSmail website NHSmail national helpdesk: 0333 200 1133
email@example.com (this email address goes directly to the national NHSmail team managing pharmacy accounts)
Quality Accounts, NUMSAS & how to get an NHSmail account
Having an NHSmail account is now a gateway criterion for the Quality Payments scheme and it is also necessary for any pharmacy that wishes to provide the NHS Urgent Medicine Supply Advanced Service (NUMSAS); both of these were introduced in December 2016.
During December 2016, NHS England and NHS Digital decided to introduce a new interim approach to allocation of NHSmail accounts to pharmacies and Local Organisation Administrators (the local NHS managers of NHSmail) were told that they should no longer provide new NHSmail accounts to pharmacies. A new national process will be rolled out by NHS Digital in 2017 and further details on this are expected to be released shortly.
Quality Payments scheme – Requesting an NHSmail account for your pharmacy
Community pharmacy contractors that wish to take part in the Quality Payments Scheme must:
- have an NHSmail account for their pharmacy by the review points (28th April 2017 and 24th November 2017) at which they wish to make a Quality Payments Scheme claim; or
- for the purposes of the 28th April 2017 review point, have evidence that they have applied for an NHSmail account by 1st February 2017.
NHS England and NHS Digital announced in December 2016 that contractors that wished to apply for an NHSmail account for their pharmacy, to meet the requirement in point 2 above, could do so by emailing the following information to firstname.lastname@example.org (by 1st February 2017).
If you wish to apply for an NHSmail account for your pharmacy, please email email@example.com with the following information:
- Trading name of pharmacy;
- Owner’s name;
- Address, including postcode (for the premises the NHSmail address will apply to);
- Pharmacy ODS code (F code);
- Pharmacy telephone number; and
- Current pharmacy email address.
Contractors with multiple pharmacies may submit this information via one email, providing details for each pharmacy premises; this spreadsheet template can be used for collating the information on individual pharmacies within a group. For this reason, pharmacy teams working within multiple pharmacy groups may want to check with their head office before requesting an NHSmail address for their pharmacy.
If a contractor did not make a request for an NHSmail account before 1st February 2017, they can still request an account as described above; NHS England and NHS Digital have stated that these contractors will receive NHSmail as quickly as possible after April and before 24 November 2017.
Provision of new NHSmail accounts
NHS England has advised that pharmacies which wish to obtain an NHSmail account solely for the Quality Payments Scheme will need to wait for the new national process to become available and, if they have applied for an account (using the process described above), NHS Digital will contact them in due course.
Priority is currently being given to provision of new NHSmail accounts for pharmacies that wish to provide the NUMSAS pilot. To support the efficient roll out of NHSmail for the NUMSAS pilot, a phased, interim local approach has been adopted by NHS England for the allocation of NHSmail accounts while the new national process for NHSmail is being implemented.
Using this interim process, NHS England’s local teams are contacting pharmacies in phases to enable them to register for NHSmail accounts and mailboxes in order to qualify for the NUMSAS pilot. The phased NUMSAS roll-out timetable which NHS England is working to is as follows:
|Phase 1: December 2016 / January 2017||Brighton & Hove CCG
Guildford & Waverley CCG
Blackpool and Fylde & Wyre CCGs
Nottingham City CCG
Peterborough & Cambridgeshire CCG
|Phase 2: January / February 2017||
East of England
|Phase 3: February / March 2017||
South East Coast
Phase 4: March 2017
Yorkshire & Humber
South Central (incl. Isle of Wight)
Priority for issuing NHSmail shared mailboxes is being given to those pharmacies intending to provide the NUMSAS pilot. If your pharmacy is in one of the ‘phase 1’ CCG areas and you have not been contacted by NHS England and wish to provide NUMSAS, please contact your local NHS England Pharmacy Commissioning team.
The issuing of the accounts will be managed centrally. It is anticipated that during this interim phase a number of elements relating to NHSmail will be piloted, including the authentication process for a pharmacy premises.
Next steps once the new national process commences
Once the new national process commences, further details will be requested from contractors that have submitted a request for an NHSmail account, in order to allow the creation of a pharmacy shared NHSmail account and individual NHSmail accounts for staff, including regular locum staff, that will be needed to access the pharmacy’s shared NHSmail account.
Already have an NHSmail account for your pharmacy?
Some pharmacies already have an NHSmail account for their pharmacy. This may be a shared mailbox, which users log into using a personal NHSmail account (i.e. the shared mailbox cannot be logged into directly), or it may be an NHSmail account which has been created for the pharmacy using a personal NHSmail account. NHS England and NHS Digital want all pharmacies to have shared mailboxes which can only be accessed by authorised users who log in using their personal NHSmail account.
If you already have a shared mailbox – NHS Digital will put in place a process later in 2017 to ensure all such shared mailboxes are modified so that they conform to the approach now being taken to creating new pharmacy shared mailboxes. Further details on this process will be released in due course.
If you already have a pharmacy NHSmail account, but it is not a shared mailbox – follow the above process to request a shared mailbox. NHS Digital will publish guidance on what should be done with your existing NHSmail account in due course. A pre-requisite for NUMSAS is a ‘premises specific’ NHSmail shared mailbox.
There are a range of things that need to be considered when deciding whether to request an NHSmail account and in considering how the accounts should be used. The following issues to consider have been collated from feedback from pharmacists that have used the service.
- How often will the account be checked? Email can be a useful additional communication channel, but if the information being communicated to the pharmacy is time sensitive, the pharmacy must have procedures in place to ensure email is checked on a frequent basis;
- NHSmail supports the sending of attachments – problems can sometimes arise when attachments are sent to the pharmacy to view or edit, but the pharmacy doesn’t have the necessary software on their computer to support this. As there is a risk that unapproved software could interfere with the operation of a PMR system or invalidate a pharmacy’s maintenance contract with their supplier, it is important to check with suppliers before loading software on to pharmacy computers;
- Links in emails to external websites – many pharmacies have strict controls on what websites can be accessed from the pharmacy computer. In some cases staff can only access a list of sites that have been pre-approved by a company Head Office;
- Managing access rights – who will have access to the shared mailbox and how will this access be managed? What processes are in place to ensure access rights are maintained when there are staff changes?
- Storing information received – storing records of clinical communications is important for clinical governance reasons. NHSmail is designed to support the transfer of information, not the storage of information. Whilst some information could be copied across to the notes in the patient’s pharmacy record, particular consideration will need to be given to how attached documents are stored (including arrangements for data back-up and appropriate access controls);
- Sending patient information – NHSmail is the only NHS approved method for exchanging patient data by email, but only if both sender and recipient use an NHSmail account or if sending to another government secure domain such as GSi (*.gsi.gov.uk) or CJX (*.police.uk or .pnn.police.uk). In addition to ensuring the recipient account is secure, it is important to check that the recipient is prepared to accept the information by email, check that information is being sent to the correct email address and indicate the sensitive nature of data in the header;
- Information Governance – appropriate information governance procedures need to be put in place if NHSmail is used to transfer sensitive information. As NHSmail can be accessed anywhere, it is not possible to limit access rights to a particular location, for example from within a pharmacy. Also NHSmail can be linked to a wide range of mobile devices – if this option is used, provision needs to be made for the event that they are stolen or lost, for example a process to activate self-wipe capability. Approaches by which safeguards around the use of NHSmail could be integrated into existing IG resources required for compliance with the NHS Information Governance Toolkit include:
- Outlining the expectations on staff use of NHSmail in the pharmacy confidentiality code of conduct (Requirement 214).
- Outlining how personal information will be handled if received by email, for example in the pharmacy’s safe haven procedures (Requirement 322).
- Providing guidance on the use of NHSmail in the pharmacy’s data transfer procedures (Requirement 322).
- Where the service is accessed from mobile devices, providing additional guidelines for staff on mobile computing (Requirement 318).
- General guidance on the NHS Information Governance requirements can be found in the NHS IG section of this website.
- Regulatory information in business letters – a requirement was introduced by the Companies (Registrar, Languages and Trading Disclosures) Regulations 2006 for companies in the UK to include certain regulatory information (e.g. company registration number, place of registration and registered office address) in their ‘business letters’ (which includes emails). In October 2009, similar requirements were introduced for sole traders and partnerships (with special provision for partnerships of more than 20 persons) and Limited Liability Partnerships. Although individuals can set up personal ‘email signatures’ in NHSmail, there is no way at present, via the NHSmail service to set up an automatic footer/signature stamp so that a company can ensure all emails sent by their employees contain the necessary information. Failure to include the information required in the Regulations would be a breach of the Companies Act 1985, and could render companies liable to a substantial fine.
Skype for Business Messaging (via NHSmail)
In the future community pharmacy staff may be able to “instant message” other NHSmail users via Skype for Business, for free, as part of the core NHSmail service.
For example, this could allow community pharmacy staff to communicate / instant message with:
- Staff from other community pharmacies;
- GP practice staff; or
- Care Home staff.
Audio & Video Conferencing (top-up service for NHSmail users)
Such a service may allow the ability to make audio/video calls and host conferences without telephone dial-in.
The Skype for Business Audio and Video Conferencing (A&VC) offering is anticipated to be available as a top-up service by April 2017.
Proof of concept pilots with a small group of organisations are currently running, with the aim of validating a number of use cases, including:
- Virtual multi-disciplinary team meetings;
- Virtual clinical peer to peer meetings; and
- Virtual consultations with patients.
Frequently asked questions
Q. What is the process for locum pharmacists wishing to obtain an NHSmail account because of the NUMSAS pilot?
A. NHSmail accounts can be requested by a pharmacy participating in the NUMSAS pilot – including for their locum pharmacists. If you require an NHSmail account outside of the NUMSAS roll out process you will need to wait until the new national process is available. The NHSmail encryption tool is available to share sensitive information as an interim solution; for further information read this guidance. Locum pharmacists will be able to access a community pharmacy’s NHSmail shared mailboxes, if they have been given permission, via their personal NHSmail account. Details on how to set this up will be provided to pharmacy contractors later in 2017.
Q. A regular member of staff in my pharmacy has an individual NHSmail account; does this mean my pharmacy will meet the gateway criterion for NHSmail?
Yes, if a regular member of staff in your pharmacy has an individual NHSmail account, which allows them to send and receive NHSmail, then your pharmacy will meet the NHSmail gateway criterion. However, PSNC strongly recommends that contractors should still apply for a premises specific shared NHSmail account. Using individual NHSmail accounts could mean that contractors face information governance (IG) challenges, for example, if a pharmacy manager resigned from working at a contractor’s pharmacy, the contractor would not be able to access any of the emails in the pharmacist manager’s personal NHSmail account, relating to their pharmacy.
Q. My pharmacy has an NHSmail account previously set up by the NHS Local Organisation Administrator, but it was not created as a shared mailbox. Is this sufficient to meet the gateway criterion of pharmacy staff being able to send and receive NHS mail?
NHS England and NHS Digital want all pharmacies to have shared mailboxes which can only be accessed by authorised users who log in using their personal NHSmail account. Since NHSmail accounts are likely to contain patient sensitive information, sharing log-in information (such as passwords) for NHSmail accounts with pharmacy team members would constitute a breach of NHS Information Governance requirements. Any pharmacies with such an account should request a new shared mailbox.
More frequently asked questions (FAQs) on Quality Payments can be found on the Quality Payments – FAQs page of the PSNC website.