1 / 26

NHSmail ….. Safe, Secure Communication

NHSmail for Community Pharmacists 28 th February 2010. NHSmail ….. Safe, Secure Communication. NHSmail - Objectives. Understand how NHSMail is different from any other email service in the NHS

nevina
Download Presentation

NHSmail ….. Safe, Secure Communication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NHSmail for Community Pharmacists 28th February 2010 NHSmail ….. Safe, Secure Communication

  2. NHSmail - Objectives • Understand how NHSMail is different from any other email service in the NHS • Understand how NHSmail can be used as an organisational resource and by a pharmacist user in a practical and cost effective way • Understand outstanding issues and facilitate take-up of NHSmail by the “Multiples” • ……

  3. What is NHSmail? • Why is NHSmail different: • Its centrally funded • Safe and Securethe only way to send patient and confidential data • Available to all staff in the NHS and to NHS business partners • A resilient, 24x7x365 service

  4. Benefits of NHSmail • Accessibility • A National Directory

  5. Benefits of NHSmail • Calendars can be shared within and between organisations • Send fax and SMS text messages direct from email • Email address remains the sameeven if user changes organisations

  6. Benefits of NHSmail • 24 hours a day7 days a week365 days a year • …………helpdesk

  7. Benefits of NHSmail • On line training package availablenww.connectingforhealth.nhs.uk/nhsmail/training/

  8. As a pharmacy Group you could send to: All staff in an identified group – eg Boots All Staff in an identified group in a selected PCT area All staff in an identified group and selected seniority – eg Senior Pharmacists Using Dynamic Distribution Lists Benefits of NHSmail - corporate

  9. Benefits of NHSmail - corporate • Set up generic mailboxes that can be accessed and shared between departments or groups of pharmacists • Cro-pct-disp.BootsC607@nhs.net

  10. Benefits of NHSmail - corporate • Centrally funded: It is free for staff and the organisation at the point of use • Service SLA’s in use and guaranteed not to lose any data

  11. Benefits of NHSmail - corporate • Secure service – How is it a secure service?

  12. Service Security: Principles Compliance with CFH Security Principles Compliance with the HMG Manual of Protective Security Compliance with HMG standards in order to gain RESTRICTED accreditation Least privilege Defence in depth 6 separate security zones Separate perimeter security zones for N3, GSI and Internet with no shared infrastructure Only authenticated traffic allowed beyond the perimeter security zone to further security zones Control value shall not exceed the data being protected Elevating trust as data passes through control points Separation of duties Physical and logical

  13. Service Security: In Practice Same security model as secure Government/ Military systems NHSmail is an accredited RESTRICTED service (IT Security Health Check Service) List X environment (SECRET/Military services) Physical/ Procedural security associated with processing classified data All Staff on the project hold Government SC/DV Status and are Counter Terrorist checked CESG regular penetration testing, inspections and audit Strict ITIL management (2 man rule, change control etc) CTAS code reviews on any bespoke code Dual site service with no single point of failure CESG – Nat Tech Authority for Info Assurance CTAS – tailored assurance service – IA arm of GCHQ ITIL – IT Infrastructure Library – widely regarded policies and practices within IT

  14. Service Security: Secure Boundary Aligned to the RESTRICTED (IL3) boundary NHS NHSmail (*.nhs.net) Central Government xGSI (*.x.gsi.gov.uk) GSI (*.gsi.gov.uk) GSE (*.gse.gov.uk) GSX (*.gsx.gov.uk) CJX (*.police.uk *.pnn.police.uk *.cjsm.net) SCN (*.scn.gov.uk) Local Government GCSX (*.gcsx.gov.uk) All email sent between these domains do not need encrypting as the entire environment/infrastructure is accredited with strict end point access controls Email sent to or received from any other domain is untrusted (open to forging, interception or alteration)

  15. Endpoint (User) Security: Technical All access methods use 128 bit SSL/TLS Web based access connecting through: Internet A combination of a virtual keyboard and a password field Default no attachment downloading unless the user overrides In the future this may be automated via end point compliance scanning 30 minute time out N3/GSI Standard password field used for login Default allows attachment downloading with no ability to turn off 8 hour timeout Mobile access Only via Exchange Activesync (direct push) – no Internet IMAP/POP support Self wipe capability Policy applied to supported devices (password, lock etc) http://nww.connectingforhealth.nhs.uk/nhsmail/technology/nhsmailmobiledevices.pdf

  16. Endpoint (User) Security: Policy Every Organisation signs up NHS: IGSoC Non NHS: Third Party Access Agreement Every User signs up Acceptable Use Policy Displayed on every page

  17. Endpoint (User) Security: MS Outlook By default Outlook data is protected by operating system independent ‘Compressible Encryption’. This prevents it from being read with a text editor via its encoding algorithm.

  18. NHSmail – Pharmacist Package • NHSmail is available now for all Community Pharmacists • A series of Pilots to run from Dec to April 2010 • Guidance and support to be given to establish a consistent and efficient rollout of NHSmail. Emphasis on: • firewall changes • standardised naming • directory entries • Maximising benefits

  19. NHSmail – Pharmacist Package • An email account for each dispensary site • An email account for each pharmacist • N3 Filter changes completed • User guide • Helpdesk guidance • Invitation to a training / registration session

  20. NHSmail – Pharmacist Package • PCT / Supplier to provide: • Project Lead • ICT / Training support • Helpdesk (in addition to Nat helpdesk) • Communications to Pharmacists • Spreadsheet of Dispensary Sites • Spreadsheet of Pharmacists

  21. NHSmail – Benefits to the Pharmacist Secure communications Infrastructure

  22. NHSmail – Pharmacist Package • Pilots running to date:

  23. Who is using NHSmail? • 490,000 email accounts on the service – 41% year on year growth • 2.3 million emails sent/received daily - 28% year on year growth • 55% of users use the service for clinical communications (2007 survey)

  24. A developing service • NHSmail is now using Microsoft Exchange 2007 • Why? • The gold standard in usability and functionality • Enhanced mobile connectivity • Integrates with other products/services – an opportunity to develop a strategy for NHSmail as a unified communications platform

  25. A developing service

  26. Further information Websites: www.connectingforhealth.nhs.uk/nhsmail nww.connectingforhealth.nhs.uk/nhsmail To register: www.nhs.net Contact us: feedback@nhs.net

More Related