Skip to main content Skip to footer

Information security

Keeping your personal information secure

As an Arm’s Length Body (ALB) to the Department of Health and Social Care and wider HM Government, NHS Business Services Authority are bound to adhere to the HMG Security Policy Framework to ensure our customers data is handled and stored securely. We also further adhere to the  NHS Digital Data Security and Protection Toolkit.  

When we receive your customer data, we protect it in accordance with the standards set by HM Government; however we recommend that all customers emailing us their data do so using a secure email solution as there is no safeguard we can offer before we receive your data. Plaintext email is not a secure method of communication. There are various secure email solutions freely available to the public and we recommend that you utilise these in communicating your personal data with any organisation or body including ourselves when doing so via email. 

For further information, please see: 

Information Commissioners Office Guidance for individuals

NCSC Guide - see Simple Explanation at bottom of the page for email encryption FAQs.