Lancashire Care NHS Foundation Trust

Lancashire Care NHS Foundation Trust: Securing Communications with Third Parties

Briefly describe the initiative/ project/ service

Providing a varied range of health and wellbeing services at over 400 sites, Lancashire Care NHS Foundation Trust (LCFT) employs 7,000 staff members and supports 1.6 million citizens. It is critical to service delivery that LCFT’s employees are able to communicate highly sensitive patient information efficiently via email or by sending large files to each other and with a network of third parties, including local authorities, private sector supply chain organisations and healthcare charities. While secure communication can be facilitated by NHSmail, this requires end users accessing government secure networks and therefore excludes private or third organisations. Additionally, in circumstance such as nurses working in schools being unable to access a secure mailbox, it was clear that LCFT needed to find a solution that would work alongside NHSmail to enable employees to secure all shared sensitive information. As a result, LCFT undertook the ‘Securing Communications with Third Parties’ project, using a combination of
NHSmail and Egress Switch Secure Email and File Transfer to provide government certified and accredited encryption direct from employees’ mailboxes.

Why do you think IT should win this award?

As a data controller, Lancashire Care NHS Foundation Trust (LCFT) is responsible for protecting these, often highly vulnerable, individuals from the harm that a breach of their personal data could cause. Consequently, the ‘Securing Communications with Third Parties’ project has at its heart NHS staff and the patients they treat.
Using Egress Switch Secure Email and File Transfer, LCFT employees can always access comprehensive information security measures while remaining flexible to deliver often lifechanging health and wellbeing services how they need to. When selecting the solution, LCFT was aware it needed to be easy for NHS staff to use whilst carrying out their day to day patient duties and crucially wouldn’t create barriers to this work. Offering full email and large file encryption straight from the users’ email client, Switch enables LCFT employees to remain compliant with UK data protection legislation at the click of a button. In addition, the solution simplifies secure information sharing using domain based routing, meaning users no longer have to send separate emails to secure and nonsecure recipients.

What are the key achievements?

The ‘Securing Communications with Third Parties’ project has delivered significant benefits for Lancashire Care NHS Foundation Trust (LCFT), including:

  • Protecting NHS patients’ confidential information in line with UK legislation, regardless of the service they are receiving or where they are treated, making information security accessible to all staff without adding complexity to their work
  • Improving efficiency and cost savings, as staff now rely on secure electronic communications rather than costly and slow postal / courier services
  • Delivering government approved encryption at all times, whether through NHSmail or Egress Switch, the only solution to have received both CPA certification and PGA accreditation
  • Ongoing compliance with the UK Data Protection Act and other legislation, protecting LCFT from the reputational damage and financial penalties (currently up to £500,000) caused by a data breach

LCFT’s third parties are always able to communicate securely with the trust, either using their own government secure networks or via Switch, which enables them to access, reply to and initiate secure emails and file transfers free of charge – and ultimately provides end to end protection for citizens’ sensitive data