Although we protect our email with passwords, it can still be relatively easy for unwanted people to intercept and access the emails that we send.

To make email more secure, it needs to be encrypted. Unless you have bought or installed an email system which has an option to encrypt messages, your email is unlikely to be secure.

To use email to share health and care records, your email system must adhere to the Secure Email Standard (DCB1596). There are more details on how to comply with this standard on the following pages.

The email addresses which end with the following domains are secure enough to share health and care information:

  • nhs.net
  • .secure.nhs.uk (note that email addresses ending nhs.uk without ‘secure’ are not secure.)
  • .gov.uk
  • .cjsm.net
  • .pnn.police.uk
  • .mod.uk
  • .parliament.uk