Sending an encrypted from NHSmail to a non-secure address

Similar documents
Encryption Guide for NHSmail

Guidance for sending and receiving an encrypted NHSmail

Accessing Encrypted s Guide for Non-NHSmail users

Cyber Security Guide for NHSmail

Pharmacy - Frequently Asked Questions

NHS Lanarkshire Clinical Mailbox User Guide. For use in Community Pharmacies. CLINICAL Mailbox User Guide V8 For CP September 2014 Page 1 of 15

NHSmail Migration Communications Plan Template

How to complete the NHSmail Social Care Provider Registration Portal

NHSmail 2 User Transition Guide

HSC Secure Service

NHSmail 2 Outlook Web App Learning Series. Outlook Web App Instant Messenger Transcript. Copyright 2015 Health and Social Care Information Centre

Communication. Identity

Use of and Instant Messaging (IM) Policy

Desktop Configuration Guide for NHSmail

ADP Secure Client User Guide

Office 365: Secure configuration

Mobile configuration guide for NHSmail

RPost's Registered services and Evidence issues within the United Kingdom Legal System

Along the top of the Inbox is a toolbar with icons for commonly used functions within .

User Manual. [Outlook Web App 2013] Central Information Systems Division

To: Proofpoint Protection Server administrators From: Proofpoint Re: Informing your user community about encrypting and decrypting secure

OWA 2013 Getting Started

Archiving (Archive Manager)

DOCUMENT CONTROL Electronic Mail Policy 8 HI002

NHSmail: social care overview. April 2018

NHSmail mobile configuration guide Apple iphone

CTP SUBMISSION PLATFORM

NHSmail 2 Skype for Business Learning Series. Introduction to Skype for Business. Copyright 2015 Health and Social Care Information Centre


Skype for Business File Transfer

Electronic Communications with Citizens Guidance (Updated 5 January 2015)

NHSmail Portal User Guide: Guide for New Users

DLP Data Recipient Spec Manager User Guide

Outlook 2010 Common Tasks

2013 edition (version 1.1)

TECHNICAL WHITE PAPER. Secure messaging in Office 365: Four key considerations

AN IPSWITCH WHITEPAPER. 7 Steps to Compliance with GDPR. How the General Data Protection Regulation Applies to External File Transfers

DATA PROTECTION. OneWorld Encrypted Messages USER GUIDE

NHSmail LOA webinar. Tuesday 23 August. Hayley Miller Engagement Lead, NHS Digital Chris Gibbons Communications Lead, Accenture

Vanguard Secure Service (VSES) User Guide

MHC CAR USER GUIDE

Enter your username Enter your password

Getting started in Outlook Web App

This factsheet intends to provide guidance on how you can manage your s. You will discover:

ProofPoint Protection Perimeter Security Daily Digest and Configuration Guide. Faculty/Staff Guide

Bank of Hawaii Protecting Confidential . What's in this User Guide

Click the Options link in the upper right corner of the Outlook Web Access window (see illustration below).

School Mail System. - Access through Outlook Web Access. User Guide FOR. Education Bureau (EDB)

Bring Your Own Device (BYOD) Policy

Evaluating Encryption Products

GroupWise to Outlook Feature Translation

Patient Reported Outcome Measures (PROMs)

Organising your inbox

Account Restrictions Agreement [ARA] Required by LuxSci HIPAA Accounts

Secure Messaging Buyer s Guide

CLOUD MAIL End User Guide. (Version 1.0)

Social care: local sponsorship model application process guidance

SCUtils Connector 2016 Guide Solution for Microsoft System Center 2016 Service Manager

NHSmail mobile configuration guide Apple ipad

Navigation Bar Icons

Web-based Interface User Guide

is still the most used Internet app. According to some studies around 85% of Internet users still use for communication.

Recipient USER GUIDE

Secure File Transfer External User Guide. Guidance for 3 rd Party Recipients of Secure File Transfers from Lloyds Banking Group

University of Chicago Medical Center. Secure Gateway. Procedure. CBIS Information Security Office

Health Services Advisory Group, Inc. Hawaii epasrr Frequently Asked Questions

OUTLOOK WEB ACCESS UOW USER GUIDE INDEX

User Manual Message box for the Point of Single Contact. November 2009 version. Gebruiksaanwijzing Berichtenbox voor het Dienstenloket 1

Sevocity v.12 Provider-Patient Data Exchange (PPDX) User Reference Guide

Switching to Gmail from Microsoft Outlook Learning Center gsuite.google.com/learning-center

EasiShare ios User Guide

Websense Secure Messaging User Help

SECTION 5 USING STUDENT

PGP(R) Desktop Version 10.1 for Mac OS X Release Notes

CDI Provider Inquiry Notification and Response

Introduction Secure Message Center (Webmail, Mobile & Visually Impaired) Webmail... 2 Mobile & Tablet... 4 Visually Impaired...

NHSmail Skype for Business

simply secure IncaMail Information security Version: V01.10 Date: 16. March 2018 Post CH Ltd 1 / 12

Outlook for ios App Store Outlook for Mobile - iphone

WEBMAIL INTERFACE MANUAL GUIDE

ISB Secure Standard

UNIVERSITY OF WOLLONGONG MICROSOFT OUTLOOK

MPDS Configuration Sheet MS Outlook 2000 Mail Client

POLICY. Version: 1.1 Quality and Performance Committee Date ratified: 12 th July 2017

USER GUIDE. EBMS SECURE MailGate


BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Feature and Technical Overview

UCHC Dept. Information Technology Outlook Web Access User Guide. Using UCHC Outlook Web Access 3/6/2012

Certificate service General description Implementation project of a national Incomes Register

Cirius Secure Messaging Enterprise Dedicated Cloud

Digital Certificate Service (DCS) - User Guide

The below Summary of Rule Changes and the Additional Guidance 2016 Reporting Period is informational for all clients.

19 Dec The forwarding and returning obligation does not concern messages containing malware or spam.

With Online Fax, you can send and receive faxes, view queued/archived faxes, add contacts from the following North American locations:

Information Security Controls Policy

AN INTRODUCTION TO OUTLOOK WEB ACCESS (OWA)

Health Link Frequently Asked Questions

Acceptable Use of Policy

Implementation Guide for Delivery Notification in Direct

Using web-based

Transcription:

Sending an encrypted email from NHSmail to a non-secure email address January 2015 V0.3 Copyright 2013, Health and Social Care Information Centre. 1

Contents Introduction 3 When to use the NHSmail encryption feature 3 How to send an encrypted message 3 Keeping encrypted emails secure 4 Help and further guidance 5 Frequently asked questions 5 Copyright 2014, Health and Social Care Information Centre. 2

Introduction NHSmail includes an encryption feature that allows users to exchange information securely with users of non-accredited or non-secure email services. Once a message is sent from NHSmail it is encrypted and protected with a digital signature to assure the recipient that the message is authentic and has not been forged or tampered with. Formatting of the message is preserved and attachments can be included. When to use the NHSmail encryption feature NHSmail users can exchange sensitive information securely with other NHSmail users without needing to use the encryption feature. NHSmail users can also exchange sensitive/patient information securely with users of the other secure Government domains 1 (referred to as the secure email boundary), provided the processes detailed in the NHSmail Acceptable Use Policy (AUP) are followed (http://systems.hscic.gov.uk/nhsmail/policies). If users need to exchange information securely outside of the above secure email boundary, they can do so by using the NHSmail encryption feature. Encryption should primarily be used to exchange sensitive data as part of an agreed clinical workflow, and users should follow any local Information Governance policies that in place locally for sending sensitive data. Note: sending an encrypted e-mail to secure government email address may result in nondelivery as email to these addresses is already secure. How to send an encrypted message Before sending patient or sensitive data via the encryption service, it is good practice to set up the encrypted channel which helps safely verify the correct recipient. 1. First, send the recipient the Encryption Guidance for recipients document which you can find in the NHSmail Training and Guidance pages at: https://web.nhs.net/portal/informationguidanceservices/defaultpage.aspx in the section Emailing sensitive or patient identifiable information. 2. Next, follow the steps below to send an initial encrypted email but do not include patient or sensitive information. Once the recipient of the information has registered for the encryption service and confirmed to the sender this has been done, patient and sensitive data can be sent within an email or as an attachment subject to local information governance policies. 1 For the full list of secure domains see the NHSmail training and guidance pages (https://web nhs.net/portal/informationguidanceservices/defaultpage.aspx) in the section Emailing sensitive or patient identifiable information. Copyright 2014, Health and Social Care Information Centre. 3

3. To send an encrypted email, log into your NHSmail account (either via an email client such as Outlook or via the web portal at www.nhs.net) and create a new email message in the normal way. 4. Ensure the recipient s email address is correct 5. In the Subject field of the email, enter the word [secure] before the subject of the message. The word secure must be surrounded by the square brackets for the message to be encrypted. If square brackets aren t used, the content of the email will be sent in plain text and may potentially be exposed to interception or amendment. 6. Compose the message 7. Add any required attachments (once the initial registration process has taken place) 8. Click on Send to send the message. An unencrypted copy will be saved in your Sent Items folder. The service will then encrypt the message and deliver it to the intended recipient. The sent item will be stored unencrypted in your Sent Items folder, and any replies received will be decrypted and displayed as normal in NHSmail. N.B. [secure] is not case sensitive and [SECURE] or [Secure] for example could also be used. Keeping encrypted emails secure Before sending an encrypted email, you should ensure that the recipient is expecting it and is ready to handle the contents appropriately either as part of an agreed clinical or sensitive business workflow, particularly if it contains sensitive or patient identifiable information. Exchanging patient/sensitive information should be done in accordance with local information governance policy/procedures and the NHSmail Acceptable Use Policy. There are a number of attachment types which aren t permitted to be sent via NHSmail, these include.exe files. If a non-permitted attachment is detected it will automatically be Copyright 2014, Health and Social Care Information Centre. 4

removed. For the full list of non-permitted attachments see the NHSmail training and guidance pages (https://web.nhs.net/portal/informationguidanceservices/defaultpage.aspx) in the section Policy and Procedure / Blocked file extensions and attachments. Please note: it is your responsibility, on behalf of your employing organisation, to safeguard any data received in line with the data protection and information governance requirements agreed between your organisation and the receiving organisation. You should retain unencrypted copies of any encrypted email received in your local information repositories. Help and further guidance For help please visit the Trend Micro support site at: http://www.privatepost.com/support/faqs.aspx Or call the national NHSmail helpdesk on 0333 200 1133 or email helpdesk@nhs.net Recipients of NHSmail encrypted emails who require help with registration should refer to the help provided on the registration website. Frequently asked questions Q: Where is the data processed? A: Data is encrypted on the NHSmail platform within the United Kingdom. When a recipient of encrypted email authenticates to the service to open the encrypted content, or uses the zero based download reader (Trend Micro software used to access encrypted files) these actions are processed in the United Kingdom. While being processed, the message is cached by the UK servers for up to an hour and then permanently erased after the hour elapses. Once encrypted, the reply is only unencrypted when it arrives on the NHSmail platform within the United Kingdom. Q: Does the encryption feature work when NHSmail is accessed on all browser types and devices? A: Yes. Q: Is message tracking (e.g. delivery or read receipts) available on encrypted emails? A: No. Q: Do I have to register for the service to decrypt replies? A: No. Replies are received encrypted to the NHSmail service. Once received into the NHSmail data centre the reply is decrypted and delivered to your inbox as though it was a normal email. Q: Can I set up an application linked to NHSmail which will send automated encrypted emails? Copyright 2014, Health and Social Care Information Centre. 5

A: Yes, as long as the subject line contains the encryption keyword [Secure] and the application is locally signed off for clinical use. Q: Can encrypted replies received by generic mailboxes be accessed as normal? A: Yes. Q: What is the maximum attachment size I can send on encrypted email replies / forwards? A: 20Mb Q: What types of attachments can be included on encrypted email replies / forwards? A: Certain file types are blocked by the NHSmail service and cannot be sent or received. The list of blocked attachments can be found on the NHSmail training and guidance pages (https://web.nhs.net/portal/informationguidanceservices/defaultpage.aspx) in the section Policy and procedure / Blocked and allowed attachments. Q: Is the service suitable for urgent, real time communication? A: As the service sends and receives email over the Internet there are no guarantees that a message will reach its intended recipient as Internet email can be silently lost, even when delivery reports are requested. Equally there is no guarantee on how quickly the message will be delivered or the availability of the service the recipient uses to process the message. We would recommend organisations using the service design mitigations through their business processes around loss of messages or being unable to open them. Q: Can the service be used to communicate with nhs.uk email addresses? A: Yes. Organisations that run their own local email service can receive encrypted emails from NHSmail users and reply to them avoiding the need for having both a local and NHSmail email account. Copyright 2014, Health and Social Care Information Centre. 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback