Auto-forwarding emails? Our policy is changing



As we move towards our emails meeting NHS Digital's security standards, the automatic forwarding of emails from Trust’s (eastamb) accounts will now only be permitted in limited circumstances. 

  1. Setup of auto-forwarding using the 'Start Forwarding' option has been permanently disabled for all staff, and anyone who had this setup has had it removed (with the exception of those already authorised).
  2. Using 'Inbox Rules' to automatically forward emails to another or other secure mail domain: if an individual decides to set up an auto forward of emails they receive by creating an inbox rule that forwards to another member of staff within, these emails will be delivered.
    In the same vein, if it is to a secure mail domain such as, it will also be delivered.
    These rules are the responsibility of the individuals.
  3. Using “Inbox Rules” to automatically forward emails to unsecure domains: If an individual sets an Inbox Rule to forward email to an unsecure domain, these emails will not be sent.

Automatic forwarding of emails at source is not permitted without authority from the IM&T Security and Resilience Manager, the Deputy Head of IM&T or the Head of IM&T.
Requests for auto-forwarding should be made to the IT Service Desk stating your justification.
Requests will be considered on a case by case basis. 

Breaching these rules will be seen as a deliberate breach of policy and disciplinary action may be taken.
Staff should also be aware that any breach may lead to prosecution under current legislation.

Access to Trust email is permitted from any internet connected device via

Personal devices (i.e. smartphones, tablets, etc) may be used to access Trust email accounts using in-built or 3rd party mail clients provided staff accept that their devices will become enrolled in the Trust’s Mobile Device Management solution, that policies will be enforced on their device by the Trust and that the Trust will have control over that device via the company portal.

Please remember that until it is announced that eastamb email is secure (with the exception of some staff information for justifiable business purposes only) all personal data and all patient identifiable data must be sent using NHSMail.

Published 20th December 2018

Please ensure if you are posting a comment, you must include your name in full (first and surname). Thank you.

Leave a Comment
Name (required)
Email Address (required, never displayed)
Enter a message

(all comments are moderated - your submission will be posted on approval.)