A Leicestershire-based IT provider has become the first public sector body to connect its own local email system to the NHS’ new secure email service.
The Leicestershire Health Informatics Service has been accredited to link local email with NHSmail2 – Photo credit: Flickr, CC BY 2.0
Leicestershire Health Informatics Service, an NHS shared service formed in 2001 as an arms length business, provides services to healthcare bodies in Leicester, Leicestershire and Rutland.
According to a statement from LHIS, “local circumstances determined it was not yet right for the informatics service to migrate to NHSmail2”. This is the secure email service that NHS bodies across England and Scotland use to share patient identifiable and sensitive information.
Although there are more than 1 million accounts, not all organisations have chosen to use NHSmail and some of the local mental health, community, acute and social care providers covered by LHIS are not on the system.
This meant that LHIS needed to retain its own system to make sure they could still exchange information, and NHS Digital – which manages the emails service – has set up a secure email standard to allow non-NHSmail users to communicate with others inside and outside the NHS.
The accreditation sets out minimum standards for email systems, and LHIS head of services Ian Wakeford said that the award allowed them to “achieve the best of both worlds”.
He said: “[We’re] not losing the local benefits we have developed over years, but combining that with being able to securely communicate with all of the NHS and government secure domains that NHSmail2 has connectivity to.”
LHIS said that customers would be able to share sensitive information securely with other government secure domains, such as the Government Secure Intranet and criminal justice system, which it said could reduce the administrative burden.
A further aim of connecting to the secure email service is to help reassure staff that they can send sensitive information by email – something LHIS said previously caused a lot of nervousness – and replace less secure fax processes and support the drive for a paperless NHS.
The move is also likely to help other NHS organisations improve secure sharing of patient information, even if they are not ready to move onto NHSmail2.
Chris Biddle, IT Assurance Manager at LHIS said: “There is no reason why other NHS organisations’ IT departments cannot do this. It takes time to work out what is required and make sure everything is in place, but ultimately it is within everyone’s grasp.”
Biddle said that gaining accreditation involved a cross-organisation collaboration to scrutinise how information is managed securely, which he said led to an “even stronger culture of security and governance”.
Meanwhile, Cleveland Henry, programme director at NHS Digital, said the accreditation was a “positive milestone, which has allowed us to refine and streamline the accreditation process” and demonstrate the opportunities available in securing their email services to NHSmail.
In November last year, a bug in the NHSmail2 system meant that 850,000 staff received a deluge of reply-all emails, while others were unable to access their email accounts.
NHS Digital said at the time that a bug in the supplier’s system meant that a test email sent by an IT contractor using the secure email service “inadvertently included everyone on the NHS Mail system”.