View navigation

We are now part of the Humber and North Yorkshire Health and Care Partnership. Click here for more info.

NHS Mail for Secure Communication


We have collated a list of frequently asked questions that providers have on NHS Mail, including why the accounts are neded and what they should be used for as well as technical and set up questions. We have also created a handy video for care providers to answer frequently asked questions you may have. To access this video please follow this link. For further information and support please contact

The requirement for all care providers to have a secure email account is mandated in the Health and Social Care Act 2012, this is to ensure that all information send to and from care providers is transferred securely and following the principle of the Data Protection Act. For most providers NHS Mail is the best solution to this requirement as it is free to access, puts providers on the same system as all NHS services to allow direct communication between health and social care, and well as coming with automatic access to Microsoft Teams.  Local authority care providers have .gov accounts which are also classed as secure, and a very small number of providers have "accredited" email systems which have met a series of requirements.

Using NHS Mail with the most efficient and secure way to communicate with a wide range of health professionals that provide support and clinical input into care providers, including GP practices, hospital trusts, district nursing, mental health and pharmacy. It can be used to replace communication previously done through fax or over the phone (such as sharing of care plans, collecting test results or ordering of medication). A large number of care homes are using NHS Mail to support virtual consultations or ward rounds with their GP practice, allowing staff to send and receive information during these.

If you don't yet have an NHS Mail account, please contact to receive the application form. Please note that all newly registering providers must now have completed the Data Security Protection Toolkit (DSPT) to Approaching Standards level as detailed below.

You will need to verify your organisation by either emailing from the address CQC hold for the service/registered manager, OR by calling the national NHS Mail helpdesk 0333 200 133 from the registered phone number held by CQC for the service. You will need to explain that no active users remain at the home and that you need to set up new users.

Each care provider set up with NHS Mail will have a generic or shared mailbox which all individuals with accounts can access, and an individual account for each user.  We recommend most communication is done via the shared mailbox as then multiple people can view any emails that come in. The shared email addresses for active providers have been shared with health service.

When you are initially set up as a user you will receive a text message with your password and a welcome email showing you how to log in. If you haven't got your initial log in password or email address then please email to request these are resent.

Once you have logged into your account you must accept the "Acceptable User Policy" to able to able to use your account. Then to open your shared mailbox here is a quick video showing you how to do that.

If you need to reset your password, if you have previously set up security questions then by providing the answer to these you will be able to send yourself a new password by text.  If you have not set up security questions then you will need to contact the national helpline by calling the National NHS Mail helpdesk on 0333 200 1133 (then press option 1, and option 1 again)

Each provider using NHS mail will automatically have 2 users set up as part of the registration process. We recommend that within a care home, staff who regularly need to exchange information with health services have an NHS Mail account. Many homes have set up admin staff and senior nurses or carers with access. Within a domiciliary or supported living service the same principles of who should have an account should be followed.

For a quick video showing how to set up new staff, please follow this link.  The limit on number of staff each organisation can have has now been removed, meanng providers can set up an unlimited number of staff should they need access.

Currently, NHS Digital states that to continue having NHS Mail access providers will need to complete the Data Security Protection Toolkit to at least "Approaching Standards" level. The DSPT is an information governance self assessment toolkit to demonstrate compliance with the Data Security Act and CQC Key Lines of Enquiry among others, and for all care providers with an NHS contract it is a requirement to review this annually. If you are in a larger care provider it may be worth discussing this with your company information governance lead. For more information please visit:

Stay connected