NHS Leicestershire Health Informatics Service (LHIS) are the first public body to receive the NHS Digital ISB1596 accreditation, allowing faster and secure communication between NHS organisations, local authorities and other secure government domains
LHIS has become the first public sector organisation in the country to be able connect its own local email system to NHSmail2, allowing thousands of staff across different organisations to better communicate, and share crucial information more quickly and securely. The landmark project could now help NHS organisations throughout the UK improve the secure sharing of patient information between health and social care professionals.
LHIS, an NHS shared service provider, became the first NHS organisation to obtain the accreditation by working with NHS Digital, after local circumstances determined it was not yet right for the informatics service to migrate to NHSmail2; a Department of Health approved service used by healthcare providers in England and Scotland for sharing patient identifiable and sensitive information.
The health informatics service, which provides IT services to healthcare organisations primarily in Leicester, Leicestershire and Rutland, and to other organisations across the country, had already created an interconnected email community to allow sensitive information to be shared between its local mental health, community, acute and social care providers.
With some of these providers not yet using NHSmail2, LHIS needed to retain its own system to ensure its customers could continue to exchange information with their local care partners. As a result, it has subsequently become the first NHS organisation to work with NHS Digital to navigate the accreditation process, to achieve the necessary ISB 1596 standard, and connect its own secure email system to hundreds of thousands of NHSmail2 users across the UK.
“The configuration of our email system in Leicester, Leicestershire and Rutland is vital for effective workflows and business processes, already allowing secure communication between community providers, local authorities and our local acute trust through private data links.
The time was not yet right for us to move to NHSmail2 but we did want to take advantage of securely communicating with NHSmail2 users and beyond. Accreditation from NHS Digital to connect to NHSmail2 is allowing us to achieve the best of both worlds, not losing the local benefits we have developed over years, but combining that with being able to securely communicate with all of the NHS and government secure domains that NHSmail2 has connectivity to.”
Ian Wakeford, Head of Service LHIS
LHIS achieved the standard by drawing on internal expertise, without the need for extensive consultancy. The informatics service is now ready to support NHS organisations across the country, and is already starting to engage in conversations with those that wish to obtain accreditation.
“Achieving accreditation was a cross-organisational project involving all parts of LHIS working together, to scrutinise in great depth how information is managed securely, leading to an even stronger culture of security and governance, from which we can provide strong assurances to our partners.
There is no reason why other NHS organisations’ IT departments cannot do this. It takes time to work out what is required and make sure everything is in place, but ultimately it is within everyone’s grasp.”
Chris Biddle, IT Assurance Manager LHIS
“With over 1 million email accounts, NHSmail is used extensively across the health and care systems. However, it’s a complex environment, with many organisations operating within it, and it is acknowledged that NHSmail, whilst an important national service, isn’t always the choice for every organisation.
It has always been the aim of the NHSmail programme to ensure secure connectivity capability is in place to enable exchange of email between non-NHSmail users within the NHS and outside of the NHS. With this in mind we developed the Secure Email Standard (ISB 1596) which seeks to establish the minimum requirements for email systems in health, public health and adult social care to support secure communications.
LHIS successfully achieving this standard is a positive milestone which has allowed us to refine and streamline the accreditation process through engagement with LHIS, and demonstrate to the wider stakeholder community the opportunities available in securing their email services to NHSmail.”
Cleveland Henry, Programme Director at NHS Digital – which manages the NHSmail service
Where appropriate, and where established information sharing agreements permit, LHIS customers will also be able to more securely share sensitive information with other government secure domains, such as the Government Secure Intranet and criminal justice system. This is expected to further improve secure flows of information and reduce administrative burden.
Thousands of staff will also save time that can be reallocated to patient care. Previously staff nervousness about what they could send by email if it covered anything sensitive, required secondary communication such as fax or phone, to share necessary details. Now communication can take place in a single transaction, saving time and avoiding delays.
The secure email project will also contribute significantly to local drives to eliminate outdated and less secure fax processes, replacing hundreds of fax machines with secure and auditable email, whilst also supporting wider national initiatives, including the drive towards creating a paperless NHS.
“The entire health and social care community we serve is looking to this connection as a means to remove paper and faxes from the way that we transact with each other. As new models of care take shape, a means of communicating sensitive information securely is more important than ever. Now we can start the work to become end-to-end digital in the way we communicate sensitive information to and from each other.”
Ian Wakeford, Head of Service LHIS