NHS.mail – Secure, Fast and Free Communication

Join this fully funded project available for both residential and nursing homes who support older people or adults with disabilities, across Hertfordshire and West Essex.

Fully funded by the NHS.

HCPA is launching its 6 month project to support Care Home managers and owners to implement NHS Secure email to have quicker and safer communication with health services. To gain NHS secure email organisations need to complete the NHS Data Protection and Security Toolkit.

The benefits:

  • Fast and secure communication between GP Practices and care homes
  • No more faxing, which is costly, timely and unsecure (NHS England recently announced faxing would no longer be supported)
  • Sharing of information such as Sharing of information such as GP summaries, discharge assessments and medication queries
  • Prompt triage of GP visit requests as emails can be forwarded instantly to clinical staff
  • Entries on System One can be emailed to care manager to ensure all clinical reviews and actions can be communicated to all staff
  • Discharge or transfer information can be scanned and then emailed
  • Meeting GDPR regulations for CQC and statutory bodies.

Click here if you would like more information on the DSP Toolkit.

HCPA wants to make the process as simple as possible for you to meet all the necessary requirements. Therefore, we have developed a step by step training and support programme.

Please find below a summary of the steps you will need to complete to achieve an NHS.mail account for your organisation.

East & North Hertfordshire Care Homes that already have NHS.mail emails:

You will have received an email from Anna Lawrence at HCC who is starting the process requested by NHS England for your email account to be moved over to the national platform. As per the email, please reply confirming the account is still used and by which staff; otherwise it may be deleted. Anna will then get back to you shortly confirming next steps and processes for closing and opening new staff accounts. If you have not received an email from Anna via your NHSmail account, please contact Anna as soon as possible at anna.lawrence@hertfordshire.gov.uk.

As you know, the Data Protection and Security Toolkit (previously known as the IG Toolkit) has to be updated yearly to continue using NHSmail. You are welcome to join the training above to help you complete the new toolkit. The good news is the new toolkit is simpler.

1. Book your GDPR Lead to attend training with HCPA to learn about the Data Protection and Security Toolkit and start completing.

  • The GDPR Lead will vary depending on the size of organisations- this could be the manager, owner or a member of the head office team.
  • HCPA are happy for multiple people from organisations to attend training but ideally it needs to be on the same date.

Please find below the list of dates currently available to book. Book your team on the most convenient training session for you.


Date Location Time
25/04/2019 Watford 10:00 – 16:00 Book Now
29/04/2019 Welwyn Garden City 10:00 – 16:00 Book Now
01/05/2019 Harlow 10:00 – 16:00 Book Now
03/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
08/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
09/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
13/05/2019 St Albans 10:00 – 16:00 Book Now
More dates coming soon…
15/05/2019 West Essex (TBC) 10:00 – 16:00 Book Now
17/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
21/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
22/05/2019 Watford 10:00 – 16:00 Book Now
29/05/2019 Welwyn Garden City 10:00 – 16:00 Book Now
31/05/2019 Harlow 10:00 – 16:00 Book Now



Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

2. Set up Data Protection and Security Toolkit login.

If you provide HCPA with your ODS code, we will complete this for you prior to training.

What is an ODS code? – Organisational Data service

The Organisation Data Service (ODS) is responsible for publishing organisation and practitioner codes, along with related national policies and standards. They are also responsible for the ongoing maintenance of the organisation and person nodes of the Spine Directory Service, which is the central data repository used within various NHS systems and services.

Search for your code here- https://odsportal.hscic.gov.uk/

Please add your ODS code to your training booking or send to nhsmail@hcpa.info

3. Complete requirements for the toolkit

The completion of resources to meet the requirements of the toolkit will begin during the training day and then you will have 3-6 weeks to complete back at work.

During the 3-6-week period, HCPA will visit to support you if required.

Please find below a list of the organisational documents that need to be checked and potentially updated to meet the requirements in the toolkit.

  • Data Security and Protection responsibilities agreed
  • Data Protection Policy
  • Data Quality Policy
  • Data Security Policy
  • Data Security breach reporting process
  • Record Keeping Policy
  • Network / IT Security Policy
  • Business Continuity Plan for Data Security Breach??
  • Information Asset Register (IAR)
  • Record of Processing Activities (RoPA)
  • Guidance for staff
  • Privacy notice

It is ideal for attendees of the training to bring any copies of the above with them on the training day. This has been proven to make the process quicker and smoother for everyone involved.

Once your requirements are complete, you must log-on to the toolkit and mark a date to confirm that the requirement is met. There are 10 requirements in total.

4. Apply to set up NHS account - Including 10 user accounts

HCPA will look to support you to complete the paperwork to receive the emails.

All accounts set up by NHS Digital

HCPA will give you resources explaining the process for removing or requesting new accounts when staff members leave.

5. Start using safe and secure email

If you have any further questions, please email nhsmail@hcpa.info

HCPA, NHS Digital and Care Alliance have produced a number of resources to help you to complete the toolkit and update staff in your organisation around GDPR.

Please download below:

» Training PowerPoint

» Toolkit Requirements resource guide

» Roles and Responsibilities Guide

» About the Data Security and Protection Toolkit

» How to complete the NHS Mail Social care Registration Portal

» Guide for Social Care Organisations using NHSmail

» Computer Skills Workbook

Contact Us