Your privacy is important to the NHS - patient confidentiality is built into the NHS account
(accessed via NHS App or nhs.uk) and the NHS upholds the highest levels of privacy and
protection to health records.
The NHS account has given patients secure and safe access to services and their data for
many years. It is subjected to ongoing security assurance activities using current guidance
and practices.
The NHS login service has been designed to keep your personal information secure. It has
been independently tested against standards set by the National Cyber Security Centre
(NCSC). It meets the highest standards required by data protection regulation such as
Data Protection Act 2018, the standards set by the National Data Guardian and by the
Government Digital Services Digital by Default Design Standards.
Extensive assurance work has been undertaken to ensure the safety and security of the
NHS account. Privacy risks have been identified and mitigated with the rights of individuals
being carefully protected and that the use of data is lawful. This will be supported by a
(legally required) Privacy Notice which sets out to the public how their data is used in the
certification process, who provides it and who has further access.