Email Security 2023
Below is a brief explanation of the current email security arrangements for Somerset’s NHS estate and corresponding partners.
NHS.net
It is important for NHS.net email users to understand which email addresses you can send confidential information to securely.
The following table summarises the current position for nhs.net users in Somerset GP practices.
| Sender | Receiver | Status |
| @nhs.net | @nhs.net | Secure for all data |
| @nhs.net | @somersetft.nhs.uk | Secure for all data |
| @nhs.net | @ydh.nhs.uk | Secure for all data |
| @nhs.net | @gov.uk | Secure for all data |
| @nhs.net | @pnn.police.uk | Secure for all data |
| @nhs.net | @secure.nhs.uk | Secure for all data |
| @nhs.net | @nuffieldhealth.com | Secure for all data |
| @nhs.net | @sompar.nhs.uk | Secure for all data |
| @nhs.net | @tst.nhs.uk | Secure for all data |
| @nhs.net | @cjsm.net | Secure for all data |
| @nhs.net | @police.uk | Not Secure |
| @nhs.net | any@organisation.nhs.uk | Not Secure |
| @nhs.net | any other email address | Not Secure |
Where email addresses are not listed as secure for all data, it is important to know how to encrypt the information you are sending. Adding the word [secure] with square brackets in the subject line of an email sent from an nhs.net account encrypts the message. Full guidance on using the NHS Mail encryption function to send information securely is available at the following link to NHS Digital’s website.
If another organisation wishes to send confidential information to an nhs.net email address from a non-accredited mail account, they should have their own encryption process in place.
Careful selection of recipients
As NHS.net has a Global Address Book, it is important to ensure to check you are sending to person. The suffixes should be checked before sending i.e Jess Brown (NHS Somerset) rather than Jess Brown (NHS Devon ). It is your responsibility to make sure you select the right person.
