Free whitepaper

Has O365 closed the NHS to data leaks?

When NHSMail went live with O365 in June,
efficiency, collaboration and security were the
positive messages. But, do NHS staff and patients
now truly have the comfort of safe communication?

We see that organisations increasingly recognize that extra measures are needed to provide maximum protection from potentially damaging data leaks. This is also what Gartner recognizes in its September 2020 Market Guide for Email Security.

I want my free copy

15 pages • 12 minutes reading

  • 0. Introduction
  • 1. Missing functionality to prevent mistakes before sending emails
  • 2. Missing functionality to prevent of interception of email data
  • 3. Missing encryption that guarantees zero-access by the vendor and other third parties
  • 4. Missing functionality to authenticate recipients after delivery
  • 5. Missing functionalities to limit andunderstand the impact of a mistake
  • 6. Limited support for large files
  • 7. Suboptimal experience for guest recipients
  • 8. Conclusion
Unlock full guide


Email is the biggest cause of NHS data leaks – a ‘leaked’ NHSMail from UCLH has led to negative media coverage recently, for example. It’s vitally important, particularly to maintain patient trust and confidentiality, that email data protection is effective and works according to best practices.

Against a landscape of sizable potential secure communications issues, the team at NHS Digital rolled out a standard Microsoft Hybrid implementation of Office 365 (O365 E5) to the NHSMail platform in June 2020. The NHS now uses Office 365 as a basis for email security, meaning that it is relying fully on Office365 products and features, to effectively prevent data leaks and comply with GDPR.

NHS Trusts and CCGs should be asking the question - can O365 fulfil a significant part of the email data protection requirements that have been formulated based on best practices?

Please fill out the form to keep reading