NHSmail Enabling collaboration for health and social care

Help

Service Status

Last updated: 18/03/2019 15:15




Anti-spoofing controls have been re-applied to direct spoofed emails from the internet to the ‘Junk E-mail’ folder within mailboxes. To make sure that you don’t miss any emails that still need to be actioned, please regularly check the ‘Junk E-mail’ folder within your mailbox, including any shared mailboxes that you manage.

This page provides you with up-to-date information on the status of the NHSmail services and any key known issues impacting users.

It is recommended that you regularly check these pages. For further information on any High Severity Service Incidents (HSSI) please refer to the NHS Digital Service Status Page (via N3/HSCN/NHS connection).



Email Gateway/Relay Status
Incoming Internet Email
Outgoing Internet Email
Internal NHS Email
NHSmail Status
Portal (administration tools)
Outlook Web Access (www.nhs.net)
Email Client Access (Outlook)
Mobile/Tablet Access


Complaints and Escalations Process

If you have any complaints about the NHSmail service, please email the national helpdesk. If you wish to raise an escalation, further information is available within the drop-down menu below.

  • NHSmail helpdesk

    LAs and users have the option to escalate incidents they feel have not been dealt with in an appropriate way or where the resolution provided does not answer the original query. Support is in place to deal with escalations 24/7.

    NHSmail helpdesk escalation process steps:

    • The LA / user provides the original ticket reference for the escalation being raised to the helpdesk.
    • The LA / user to provide an explanation of the reasons for the escalation and why the previous feedback has not provided the solution required.
    • The helpdesk should then perform an escalation to the appropriate Subject Matter Expert (SME).
    • If the escalation response is not acceptable then a further escalation can be requested to a higher level
    • Once the issue has been resolved, the helpdesk (or SME that has been dealing with escalation) will notify the originator of the issue via telephone / email to confirm closure of the escalation before actual closure of the incident takes place.

    Feedback mailbox

    The NHSmail Live Service Team also deals with escalations, via the ‘feedback’ mailbox. The team will check the following details before raising an escalation with the supplier:

    • If the incident / issue has already been recorded at the NHSmail helpdesk. If not, the LA / user will be asked to contact the helpdesk unless the incident / issue has service, security or clinical impact concerns.
    • If the incident / issue is still within agreed Service Level Agreements (SLAs) for the severity type (if it has already been raised with the helpdesk), the LA / user will be advised to contact the helpdesk for an update. The agreed incident resolution time is 48 hours excluding non-core hours, non-core hours are 22:00 until 07:00 so effectively this is 3 working days.
    • If a response has been provided by the helpdesk and this has not resolved the issue, and it’s still within 72 hours of the ticket being resolved / closed, the LA / user will be advised to contact the helpdesk to request that the ticket is re-opened.

    If an incident / issue remains unresolved after the above steps have been taken, it will be escalated by the NHSmail Live Service Team to the supplier.


High Severity Service Incidents

In the event of High Severity Service Incidents (HSSIs), information will be provided in this section. You can also see any HSSIs raised within the last 7 days.

  • 27/02/2019 - INC9741921 - NHSmail Helpdesk telephony issues

    Issue Description: The NHSmail helpdesk are experiencing issues with their telephony system and the application used to receive calls is not responding when a call is in the queue.

    27/02/2019 14:45 - Resolved: The telephony system application team ran the debugger for the application which led to the resolution of the issue. They confirmed the application is now stable. Inbound routing to call agents are operational. No further issue reported in the monitoring period.

  • SPAM Emails Containing Phishing Website Links: NHSmail support teams have identified a series of SPAM emails containing phishing website links being sent to users. An account with a nhs.net address is claiming to be from an IT Support Team and is asking users to verify their account by providing their credentials and password. This is not from the NHSmail support team. Users should never click any provided link to verify their accounts. This account has now been deactivated but certain user's may have received an email with a provided link.

  • Outgoing Internet Email – Blacklisting: NHSmail is periodically experiencing issues relating to blacklisting. Please review the Known Issues below for further information.

  • 14/02/2019 - INC9588056 - NHSmail Helpdesk telephony issues

    Issue Description: The NHSmail helpdesk are experiencing issues with their telephony system and users will receive a 'not available' tone when attempting to call. Users wishing to report issues should email helpdesk@nhs.net whilst this issue is ongoing.

    14/02/2019 22:20 - Resolved: The NHSmail helpdesk telephony issue has been resolved and users can contact the helpdesk through this route again.

  • 05/02/2019 - INC9458540 - BT have reported to Accenture that the N3/HSCN link into the Slough data centre is currently down. Resiliency remains to the Hemel data centre. BT have reported this to NHS Digital as a severity 2 incident and this incident is raised to track progress to recovery.

    Issue Description: There is currently no likely service impact to end users, however if the issue still remains as we enter the standard business day we can expect traffic to bottleneck on the single remaining link as it does not hold sufficient capacity. This is a known and reported risk NHS Digital are already aware of.

    05/02/2019 10:00 - Resolved: The issue has been fixed by Virgin Media and BT. All servers are up and running.

  • 21/01/2019 - INC9259722 - A small number of users are experiencing intermittent access their email account through OWA

    Issue Description: A small number of users are experiencing intermittent access their email account through OWA.

    21/01/2019 13:30 - Resolved: The issue has been resolved, but the team will continue to monitor over the course of the day.


NHSmail News

Things that are happening on the service that may impact your use of it.

  • The results of the 2018 NHSmail Customer Satisfaction Survey have now been published and available to all users to review. This presentation provides a summary of the responses along with proposed actions and improvements aimed at increasing satisfaction. There are 7 sections to this presentation deck covering the key topics surveyed along with the actions we're taking to improve the service we provide to you:

    • About you
    • Your use of NHSmail
    • NHSmail National Helpdesk
    • NHSmail support site and Portal help pages
    • NHSmail Skype for Business
    • Local Administrators (LA)
    • Actions and Improvements

  • Following a recent review of how account lockout incidents are dealt with, a step by step guide has been published to assist the Local Administrator community and users by providing information on how to resolve the most common forms of repeated lockouts. This guide is located in the Policy and Guidance section of the Portal help pages, under General Guidance

  • Anti-spoofing controls have been re-applied to the NHSmail service which means that from 12 February 2019 emails spoofing @nhs.net addresses received from the internet will be directed into users’ ‘Junk E-Mail’ folders. Spoofed email received from Transition Network / HSCN sources that spoof @nhs.net addresses will still be delivered to users’ inboxes.

    This security improvement is intended to help keep NHSmail safe and to improve the way that incoming emails are processed to stop spoofing on the NHSmail service. The NHSmail Spoofing Guide outlines what spoofing is and why these changes are being made.

    During 2019, spoofing will be blocked completely from the NHSmail service with the exact date to be confirmed nearer the time.

    Additional information is available on the anti-spoofing controls on the Policy and Guidance page of the Portal under ‘General Guidance’:

    Guidance is also available in the Portal Local Administrator Guide on how to enable / disable NHSmail SMTP / POP / IMAP settings.

  • The Business Continuity and Disaster Recovery (BCDR) testing took place over the weekend of 2 / 3 March 2019. We are pleased to report the testing was successful and resulted in no system outages for users

  • Please find detailed below the dates / times of the upcoming Local Administrator webinars and open sessions. Further information, along with an invitation, will be sent to all Primary / Local Administrators around a week before the scheduled session.

    Date Time Session
    Wednesday 27 March 2019 11:00-11:45 Open session
    Wednesday 1 May 2019 11:00-12:00 Webinar
  • Guidance for sending secure email (including to patients)

    Introduction

    NHSmail is a secure email service which means that data can be sent safely and securely to other email addresses which meet the same high standards of accreditation.

    NHSmail also allows users to securely exchange information with insecure or non-accredited email services via the NHSmail encryption feature. This feature must be used if you are sending any personal or confidential information to a non-secure email address, such as a patient email address.

    Sending sensitive information to non-secure email addresses (including patients)

    You must never send personal, sensitive or confidential information to a non-secure email address unless it is encrypted.

    Encryption is an additional security tool which means users can communicate securely to any type of email account.

    • How do I use encryption when sending from NHSmail?

    All you need to do is add the word [secure] in the subject line of a message - with the inclusion of the square brackets. Before using the service:

    • check local organisation policies and processes on sharing personal confidential data and sensitive information first which will take precedence over this guidance
    • ensure you are familiar with the NHSmail Encryption guidance and process

    You should only use the NHSmail encryption capability if approved to do so locally.

    • What will the patient receive?

    Patients will receive an email which looks like this:

    PRIVATE AND CONFIDENTIAL
    You have received an email message secured by Private Post. Please open the file called Encrypted_Message.htm to read the message.

    When they receive the email, if they have not done so already, they will need to register for the service.

    Once registered they can then open the email in their internet browser. After logging in they will be able to view and reply to the email, confident that their information is safe and secure.

    • Do I need to use [secure] in the subject line if I am communicating with another NHSmail address?

    No. When sending email from NHSmail to another secure service you do not need to take any action.

    You will know if you have an NHSmail email address because it will end in nhs.net. Please note that nhs.uk systems who have not met the accreditation standards are not considered secure.

    Email addresses which meet the same high accreditation and security standards as NHSmail are rare. You can spot them by their endings. They will end in:

    • Nhs.net
    • Secure.nhs.uk
    • Gov.uk
    • Cjsm.net
    • Pnn.police.uk
    • Mod.uk
    • Parliament.uk

    • I don’t use NHSmail, can I send sensitive information to patients?

    You must never send confidential information to or from an email address which does not meet the necessary standards of security.

    Your email provider may have a way for you to encrypt emails so that you can send confidential information securely and to the appropriate security standards. Please refer to your organisation’s IT policies for guidance or speak to a member of your IT team for further information

    Further information is available in the full encryption guide to NHSmail

    Sharing sensitive information summary


Portal Releases, Known Issues and Guidance

Please see the current known issues outlined below:

  • Issue Description: There is an issue whereby the ‘Delete OneDrive’ button is available under the Actions section of the User Details page in the portal for user accounts that don’t have an Office 365 license.

    Latest Update and Guidance: This is being investigated by the development team with a view to ensuring all ineligible accounts have the button greyed out. The fix will be deployed in a future portal release.

  • Issue Description: There is an issue wherein owners are being removed when they update their SDLs, due to the "Add myself as owner" box defaulting to an un-checked state.

    Latest Update and Guidance: This is currently being investigated under PRB0077151 and will be fixed in a future release. As an interim workaround, owners must ensure that the "Add myself as owner" box is always checked when the SDL is updated, otherwise the user will remove themselves as an owner.

  • Issue Description: Mobile report doesn’t correctly show mobile device policies applied through the new security groups.

    Latest Update and Guidance: This is currently being investigated under PBI9941 and will be fixed in a future release.

  • Issue Description: Removing owners from a shared mailbox also removes their membership.

    Latest Update and Guidance: Re-add the owner as a member once they have been removed if membership is still desired.

  • Issue Description: When changing email address the UI accepts email addresses starting and ending with a ‘.’ or with consecutive ‘.’. These are invalid so can’t be saved but the UI presents them as ‘available’.

    Latest Update and Guidance: This is currently being investigated under PBI9938 and will be fixed in a future release.

  • Issue Description: After populating the notes field, if the user then navigates to a user operation (password reset etc) that navigates away from the main page – the notes field is cleared and must be re-populated. Existing notes remain populated in this scenario

    Latest Update and Guidance: This is currently being investigated under PBI9919 and will be fixed in a future release.

  • Issue Description: While trying to open up a SDL with defined owners, the page doesn't load the owners list at first go. A manual refresh is required to populate the owners.

    Latest Update and Guidance: Refresh the page one or two times to pull the owners into view.

  • Issue Description: There is an issue wherein the modal message doesn't show up when Admins set the new security group policy for the SDL.

    Latest Update and Guidance: This is currently being investigated under PBI9852 and will be fixed in a future release.

  • Issue Description: When an account is enabled or flagged as Leaver, an error message comes up, "An exception has occurred. Cannot move user in enable operation. Use the Move user cmdlet instead".

    Latest Update and Guidance: This is currently being investigated under PRB0065567 and will be fixed in a future release. Although the error message comes up, the action is getting executed fine in the back-end. If you get the error message, please refresh the page after a few seconds and you will see that the action (enabling or any other action) is processed successfully.

  • Issue Description: There is an issue with the push connector functionality where CSV files are not being processed.

    Latest Update and Guidance: This is currently being investigated under PBI700000433718 and will be fixed in a future release.

  • Issue Description: When an account is created through the Portal user interface, using the Portal .CSV Upload tools, or via TanSync, the account remains in a status of Pending instead of becoming Active. This applies to creation of shared mailboxes as well.

    Latest Update and Guidance: This issue is currently being investigated under PRB0102761, but the NHSmail team are taking regular action to correct this problem and in many cases without further action being required from the Local Administrator.

    During each working day our engineers are correcting accounts that remain in the status of Pending. This activity occurs in the morning, at lunchtime and late afternoon. With this in mind, we would ask that Local Administrators allow time for this process to complete and re-review the status of the account later in the day before choosing to raise a support ticket with the NHSmail Helpdesk.

    Following the account correction the vast majority of accounts will become Active, however a few accounts may become Disabled or may require re-creating.

    • For Active accounts, no further action is required.
    • For Disabled accounts the Local Administrator should Enable them. They will then become Active.
    • If an account remains in Pending state after 24 hours please re-create the account and disregard the Pending account which will eventually be cleaned up and removed from mailbox reports etc.

  • Issue Description: Creating or updating accounts in bulk using the CSV Upload functionality of the Portal can result in the creation of duplicate accounts with an incremental email address (e.g. joe.bloggs@nhs.net, joe.bloggs1@nhs.net, joe.bloggs2@nhs.net) or accounts that sit in a status of Pending and do not progress to Active.

    Latest Update and Guidance: Although not the sole reason for duplicate accounts and accounts that result in a pending status, the volume of accounts that are included in a single CSV Upload submission is a significant contributor to the the issues being experienced. Likewise, the timing of the CSV Upload submissions can also contribute to a larger volume of issues being experienced during processing. A fix for this issue is currently under review with the expectation that it will be deployed under a future Portal release.

    As a workaround until the fix is deployed, the following recommendations should be followed:

    • Submit files for CSV Upload processing in batches no larger than 1000 accounts per file. If the file contains more than 1000 accounts, you will recieve an error, "Can only upload 1000 users per csv upload attempt".
    • Try to avoid submitting files for CSV Upload during times of day that usage of the Portal is at its peak. Typically this is between 09:00 - 10:30 and between 13:00 - 14:00 Monday to Friday.
    • Avoid re-submitting the same file multiple times

  • Issue Description: When performing a simple search whilst trying to add a user to a Shared Mailbox, a Static Distribution list, or within Admin section (Local Administrators only) the results take an excessive amount of time to return or the search times out.

    Latest Update and Guidance: There is a known issue with the Simple Search options at peak times and this is looking to be optimised in a future Portal release. When adding users to Shared Mailboxes or Static Distribution lists please where possible use the Advanced Search using the email address of the user you are trying to add. Local Administrators have an additional option to support the activities they perform that is impacted by this simple search issue. LAs could run a Mailbox extract (Reports -> Mailbox Report) so they can then identify the users email address in that extract and search for it directly in Advanced Search so the result is found much quicker.

  • Issue Description: There is a known issue with Dynamic Distribution Lists that target a very large volume of recipients whereby a DDL cannot be created or edited due to a timeout error.

    Latest Update - 01/02/2018: A fix was implemented during December 2017 that enabled large DDLs to be created and edited normally and users should proceed to use the Portal user interface to action. However it has been identified that there remains an issue with the creation/editing extremely large DDLs that target more than approximately 21,000 recipients. Whilst a fix for this is being developed, if a new DDL that fails creation or you are unable to edit an existing DDL, please raise a request with the NHSmail Helpdesk quoting the DDL email address and the rule you wish to apply. The DDL will be created/amended as requested by an engineer.

  • Issue Description: When navigating to a Pending Static or Dynamic Distribution List via Profile > Distribution Lists then Administrators may not see the ‘Approve’ or ‘Reject’ buttons.

    Latest Update and Guidance: If you are an Administrator and have a Static or Dynamic Distribution List requiring your review you must find it by navigating to Admin > Distribution Lists. Do not attempt to approve by going via the Profile area.

  • Issue Description: It has been identified that a small number of accounts are getting stuck in the status of either Enabling or Disabling when an account is being attempted to be Enabled or Disabled in the Portal. Problem references PBI700000413347 and PBI700000413348 have been raised to investigate the root cause.

    User Impact: When accounts are stuck in either of these two statuses the Local Administrator will be unable to carry out a password reset or unlock and the end-user will be unable to log into their NHSmail account.

    Latest Update and Guidance: If after leaving the Portal record in the User Management screens and going back into the effected account details the status is still showing as Enabling or Disabling, the Local Administrator should attempt to Disable the account again and wait for confirmation that the action has been successful. If the aim was to disable the account not further action should be required. If the aim was to Enable the account, then the Local Administrator should click on Enable again to complete the process.

    In the event that this process is still unsuccessful then the Local Administrator should log a ticket with the NHSmail helpdesk for support.

  • Issue Description: When an end-user is having difficulty logging into the NHSmail Portal and has tried to use incorrect or expired credentials the account will lock for security purposes after 12 attempts and require support from a member of the Local IT Helpdesk or a Local Administrator to unlock and if necessary carry out a password reset. However, from the point of the last login attempt that has caused an account lock it can take several minutes for the updated account status (Locked) to be reflected in the NHSmail Portal.

    User Impact: If after the number of incorrect login attempts have been made a password reset is carried out prior to the Portal reflecting the Locked status, the account will not be able to be logged into with the temporary password given.

    Latest Update and Guidance: Please can the Local IT Helpdesks and Local Administrators ensure that a minimum of 5 minutes has elapsed from the last login attempt to be sure that the account status has been updated successfully? An interval of more than 5 minutes may be required at peak times. This will ensure accounts are in the correct status before a password reset is performed.

    If it is suspected that an account has hit this issue, the Local IT Helpdesk or a Local Administrator should re-check the account status. If the account showing as Locked, perform an Unlock and if necessary a further Password Reset. If the account is Active, please log a ticket with the NHSmail Helpdesk for further investigation.

  • Issue Description: There will be a delay of 15 – 20 minutes from when a user is removed as a shared mailbox owner to when their access is revoked.

    User Impact: Users will experience a delay from when they remove shared mailbox ownership to when access is actually removed.

    Latest Update and Guidance:

    Users should allow 20 minutes after removing access to a shared mailbox before the change will take place.


Portal Release - 15th March 2019

The following defect fixes and new Portal features were deployed on the evening of Friday, 15th March 2019:

  • 17739- Hybrid 2 – Set MFA when applying the ATP Local Admin role through the NHSMail Portal - NHS Digital have said that all users of the NHSMail portal that are assigned an admin role should have MFA enabled by default. For users holding the ATP Local Admin role, MFA should be at the time of assignment when they are being set as an Owner of an ATP group.

    When a user is added as an owner of an ATP group the following will happen:

    • The user will be assigned the ATP Local Admin role
    • Check to see if MFA is already enabled for the user
    • If MFA is already enabled for the user there is no action
    • If MFA is not already enabled for the user, enable MFA (using the existing coded process)
  • 18963- Hybrid 2 - Editing Project Web App - An O365 Admin or global admin would like to edit a Project Web App, after its creation in the NHSMail Portal. Editing of a Project Web App should be triggered by a user searching for and then selecting a Project Web App, and then selecting update once modifying the details. The below details are what an LA is able to edit.

    • Owners - This must follow the same validation as when adding an owner when creating a Project Web App.
    • Storage - This must follow the same validation for updating the storage quota as is present of the Edit SharePoint site.
    • Description - This must follow the same validation for updating the description as is present of the Edit SharePoint site

  • 19189- Hybrid 2 - Update the Organisation Yammer group based on User licences and status - When a user is assigned a licence and the Yammer application is enabled they should be added to the organisations Standard Yammer group. Subsequently, when a user is marked as a leaver, transferred to a new organisation, deleted, or removed from a user policy the user should be removed from the Organisations Yammer group.

  • 21272- Hybrid - Remove MFA when removing the ATP Local Admin role - A requirement of the NHSMail portal is for all users with an admin role (configured in the config file) should have MFA set for security reasons. When removing these admin roles from users MFA should also be disabled for those users.For this PBI the requirement is to remove MFA from users that have the ATP Local Admin removed when they are removed as an owner of an ATP group. MFA should be removed in accordance with the other constraints within the portal, and should only be removed if MFA is not applicable through another route.

  • 21574- Hybrid 2 - MFA :: Add the Local Helpdesk role to list of MFA enabled roles - The NHSMail portal requires users with admin roles to have MFA enabled. This list is currently a configured list in the NHSMail Portal. The Local Helpdesk role should be added to the already configured list.

  • 15399- B2B - Approve/ Reject External Organisation Requests - An NHSmail Global Admin wants to approve or reject an External Organisation whitelisting request within the NHSmail portal. To do this the user would expect to follow the below workflow.

    • Login to the NHSmail portal
    • Navigate to the Admin -> My Approval Requests
    • Search for the request and select to view the details
    • Approve or reject

  • 15972- B2B - View a list of whitelisted External Organisations - An Admin wants to view a list of the whitelisted External Organisations within the portal. To do this the user would expect to follow the below workflow

    • Login to the NHSmail portal
    • Navigate to the Admin -> Manage External Organisation Access

  • 16005- B2B - Modify the existing Leaver Process - An NHSmail Local Admin marks a user as a Leaver within the portal. To do this the user would expect to follow the below workflow:

    • Login to the NHSmail portal
    • Navigate to the Admin -> User Management
    • Search for the User
    • Select 'Leaver' within 'Actions'

  • 16046- B2B - Add members to Azure AD Guest Inviter Group using search page - The scope of the PBI includes the following:.

    • The scope of the PBI includes the following:
    • Enable the add member functionality via the user search page
    • Update the "B2B Eligible Guest Inviters" table within the Portal DB based on the updates made within the UI
    • New members
      1. Added to the "B2B Eligible Guest Inviters" table within the Portal DB
      2. Given the Azure AD Guest Inviter role
      3. Added to the SharePoint Inviter Security Group
      4. Assign the B2B_Approval role

    Updating a Azure AD Guest Inviter Group should be an auditable object type tagged to B2B

  • 16048- B2B - Delete Azure AD Guest Inviter Group - An Admin wants to delete an Eligible Guest Inviter Group that they are responsible for. To do this the user would expect to follow the below workflow:

    • Login to the NHSmail portal
    • Navigate to Admin -> Select the "Manage Eligible Guest Inviters" button
    • Select an "Eligible Guest Inviter Group"
    • Select delete

    Confirm selection

  • 16049- B2B - Modify the existing Transfer Process - An NHSmail Local Admin marks a user as a Transfer within the portal. To do this the user would expect to follow the below workflow:

    • Login to the NHSmail portal
    • Navigate to the Admin -> User Management
    • Search for the User
    • Select 'Transfer' within 'Actions'
    • Select the new Organisation

  • 16050- B2B - Modify the existing Deletion Process - An NHSmail Global Admin deletes a user within the portal. To do this the user would expect to follow the below workflow:

    • Login to the NHSmail portal
    • Navigate to the Admin -> User Management
    • Search for the User
    • Select 'Delete' within 'Actions'

  • 17624- B2B - Schedule task (monthly) to delete inactive Azure AD B2B Guest Accounts (90 days) - This PBI covers a monthly task to remove guest accounts that have been inactive for more than 90 days.

  • 20538- B2B - Remove members from an Azure AD Guest Inviter Group - An Admin wants to remove members from an Eligible Guest Inviter Group that they are responsible for. To do this the user would expect to follow the below workflow:

    • Login to the NHSMail portal
    • Navigate to Admin -> Select the "Manage Eligible Guest Inviters" button
    • Select an "Eligible Guest Inviter Group"
    • Remove members using the cross button via membership box
    • Select update

  • 19486- Hybrid Regression - Licenses are not removed in 'Office.com' portal even when it is turned off in NHS portal - When PROJECTPROFESSIONAL, PROJECTPREMIUM, PROJECTESSENTIALS Licenses are turned off for a member in 'User Policy' page and updated, the licences are not removed in office.com

  • 20890- Hybrid-Regression-Successful creation for PWA shows wrong growl message

    • Create the PWA successfully
    • verify the growl message shows "Create SharePoint collection request successful for ..." it should show "Create Project Web App request successful for ...."

  • 20894- Hybrid-Regression-Create PWA get display inappropriate in Audit

    • Create a PWA
    • verify the Audit record
    • Select Org and SharePoint (object target)
    • Expected: it should show Create Project web app
    • Object type: Project web app in drop down and in the table showing result
    • Action: Create / Update Project web app (based on the action)

  • 21000- Eider MO Hybrid2-Sync B2B Guest Users job is failing in MO - Sync B2B Guest Users job is failing while running in Hangfire.

  • 21234- Eider- MO-B2B- Guest inviters who get transferred or marked as leaver can still invite guest users to the tenant - When a user is marked as leaver or transferred (both single and bulk actions) the user retains the Guest_Inviter role in Azure. Portal user's admin roles are stripped as soon as it's moved from the current organisation, hence user can't perform any B2B guest invite related transactions via UI, but via Azure Portal or through PowerShell can invite external guest users to the tenant without any issue. It may lead to security issue as the user not getting stripped of AAD roles may lead to having unauthorised access on the tenant from the guest user perspective. Below is the example

    The below user was a B2B Approver for an org before it was transferred to a new org. Portal UI shows all admin roles (including B2B approver) are now stripped.

  • 21248- Eider MO- B2B- Leading or trailing spaces in the email addresses for guest inviters throws error on the front end with no unique row identifier - Adding leading or trailing spaces to the email addresses during import of guest inviters, makes the import process fail with the error that email address is not valid. User may get confused as it's really difficult to spot whitespaces in a large file, especially when you copy a large number of rows. In this process you don't have any unique identifier to say which row has got the email address with whitespace.

  • 21249- Eider MO-B2B- Guest inviters group members view isn't sorted in any particular order - Members list in the guest inviter group on Portal UI isn't sorted, which may lead to difficulty in finding the intended user from the UI if the list is really lengthy. It should be consistent across Portal and should be sorted in ascending order.

  • 21613- X26 roles (just in time elevated ATP Roles) are still allowed to be removed from front end - There was a requirement to disallow removal of ATP Global roles from UI, but no requirement around X26 roles. (hence probably it wasn't implemented). We just need to hide cross button for this X26 elevated roles as well.

    Expected Result - The teams call recording is set, and the policy is applied to all users of the user policy.

    Actual Result - The teams call recording toggle is set and saved into the Portal DB, however, the operation fails when setting the policy on the tenant with 'User does not have the required permissions'.

  • 22674-Hybrid Prod : Unable to create Teams through the NHSMail portal - When creating a team various different errors are being witnessed, to resolve the bug we should add retry logic to the Create Teams functions, allowing any failed Teams PowerShell to be retried a maximum of 4 times.

  • 22665 - Firecrest MO ATP Regression: The Audit search for ATP role is allowed to skip mandatory filter validations on audit search page.

  • 22668 - Firecrest MO ATP : Downloading of ATP reports action doesn’t have object category of type ATP in Audit (though audit is captured in ELK).

  • 22681 - Firecrest MO B2B- External org whitelist request approver (Global admin) can't view the essential details before approval.

  • 22683 - Firecrest MO B2B- Target Organisation for B2B processed request reflected incorrectly in audit entry.

  • 22684 - Firecrest MO B2B- Target object in the audit search doesn't cater for all allowed characters in the external org name field, thus resulting in form error.

  • 22705 - Firecrest MO B2B- Users with O365 admin role unable to filter B2B requests in the audit search.

  • 22910 - Firecrest MO B2B- B2B Guest request Attestation approval link from email loads a blank page for B2B_Approver (only in the 1st attempt and with direct link).

  • 22912 - Firecrest MO B2B- External organisation whitelisted domain with W3/http web addresses restrict guest invite.

  • 22669 - Firecrest-UI breaks for Approval Requests Details for Business Justification.

  • 22680 - Firecrest MO B2B- Field length and additional validations on external org request form not self explanatory.

  • 22203 - Firecrest-INT1 Hybrid-Removing member from user policy is failing with global admin user.

  • 22641 - Firecrest-MO-Hybrid2-regression-MFA licence limit is more than available MFA quota.


Skype For Business Known Issues

The key known issues affecting the Skype for Business desktop / mobile application are outlined below. These known issues are seperated out into Instant Messenging and Presence (NHSmail core service) and Audio and Video Conferencing (NHSmail additional service):

Instant Messaging and Presence

  • Issue Description:'Send a meeting' invite from Skype for Business option does not work for users who have outlook configured on their local machine (both via N3 and Internet)

    Latest Update and Guidance:This is expected behaviour whilst audio and video conferencing is not enabled. Users do not need take any action.

    Steps to re-create:

    1. User right-clicks on a contact in their contact list
    2. User selects ‘Schedule a Meeting’

    This results in no action being taken.

  • Issue Description:Once the address book download is completed (approx. a day across platform), the user can search contacts within their organisaiton and Instant Message each other without having the need to add them in their local contacts list. Only applicable to thick client.

    Latest Update and Guidance:Users should use the full email address for searching for their contacts until the address book download is completed.

    Steps to re-create:

    1. User searches for another user in Skype for Business using only first and surname before full address book sync has completed

    This results in the user receiving the error message ‘Address book synchronizing. Results may not be current.’. The user should search using the full email address when searching for users in the Skype for Business IM window. When searching for any users external to a user’s organisation, they should always search by email address.

  • Issue Description:Users on Windows XP platform will not be able to use desktop clients. To avoid compatibility and latency issue during IM they're advised to use web clients (> IE 9.0)

    Latest Update and Guidance:The product is not compatible with Windows XP. Please refer to the Service Configuration Guide.

  • Issue Description: Users receive an error message similar to “Cannot synchronize address book” or “Skype for Business can’t sync with your organisation’s address book right now”. This address book synchronisation failure is due to a bug in Microsoft Office 2016.

    Latest Update and Guidance: There is a requirement for local IT teams to update MS Office to the latest version to fix this issue. Users should speak with their Local Administrator for further guidance.

Audio and Video Conferencing

  • Issue Description: The Skype for Business mobile application does not support content sharing through peer-to-peer calls when one participant is on a desktop device and the other on a mobile device.

    The issue does not impact Skype for Business meetings but only direct peer-to-peer calls from the Skype for Business desktop application to the Skype for Business mobile application.

    User Impact: Users on a mobile device will be unable to view content being shared on a peer-to-peer call. The user on the desktop will be unaware that the content is not viewable unless the mobile device user notifies them.

    Latest Update and Guidance:

    Guidance for Users: Rather than initiating a peer-to-peer call, the desktop application user should use the 'Meet Now' feature in Skype for Business and invite the mobile user to join the Skype for Business meeting by following the instructions below:

    1. Open the Skype for Business desktop application
    2. Click the drop down arrow next to the settings icon and select Meet Now

    3. Add people to the meeting by clicking Invite More People
    4. Type the name or email address of the person you want to add in the box. Select the correct user from the list and click OK
  • Issue Description: Users who are enabled for Instant Messaging and Presence-only cannot join the audio/video for Skype for Business Meetings. The Skype for Business desktop application will launch and join the call, but no audio/video will be available.

    User Impact: The user is unable to join the audio/video of the audio/video for the Skype for Business Meeting.

    Latest Update and Guidance:

    Guidance for Users: The user should join the call via the Skype for Business web application as a guest. User should follow the instructions below to join as a guest:

    1. Open the Skype for Business Meeting from Outlook / Outlook Web App
    2. If available in the meeting invitation, click Skype for Business Web App as per the screen shot below.
    3. If this link is not available in the meeting invitation do the following;
      • Right click on Join Skype Meeting and select Copy Hyperlink .
      • Open a new browser window
      • Paste the copied URL into the browser box and add ?sl=1 at the end e.g. https://join.nhsmeeting.com/meet/ted.jones/V5T8957J?sl=1
      • Press Enter to open the meeting via the Skype for Business web application.
    4. Click Sign in as a guest to the meeting

    5. Click to download the Skype for Business Web App plug-in if not previously completed

    6. If the meeting does not automatically launch in the web application, click Join the meeting
  • Issue Description: Occasionally, Skype for Business Meetings may not launch due to connectivity issues following clicking the Join Skype Meeting from a meeting invitation.

    User Impact: User is unable to join the Skype for Business Meeting.

    Guidance for Users: Users experiencing this issue should try joining again after 30 seconds. If this issue persists, users should contact their Local IT Support Team for further support.

  • Issue Description: When a user clicks Join Skype Meeting from a meeting invitation, they are directed to meet.nhs.net which subsequently launches the Skype for Business desktop application or web application as appropriate. In some instances, a security log-in will pop up. The user will experience that they are unable to log in using their NHSmail credentials.

    User Impact: The user may occasionally experience a security login pop-up when attempting to join a Skype for Business meeting. If the user attempts to log in, they will receive an error message.

    Guidance for Users: Users should click Cancel when faced with the security pop-up pictured below. Once cancelled, the Skype for Business desktop application or web application should launch successfully.

  • Issue Description: Shared Notes will not be available for meeting participants to view or modify content during meetings if all conference/ call attendees do not have OneNote installed on their PCs.

    User Impact: This may cause some confusion for users as the 'Shared Notes' option will still appear in the desktop application regardless of whether they have OneNote installed or not.

    Guidance for Users: Users are advised to capture meeting notes via a different method or install OneNote to utilise this feature.


General Known Issues and Guidance

This section provides information and guidance on the common issues and questions raised by users of NHSmail. You can use the dropdowns below to show more information on each of the issues

  • Latest Update and Guidance: Organisations that are only using NHSmail as their email solution are not required to submit spam/ phishing evidence for the Data Security and Protection Toolkit (DSPT). Where organisations are using an email solution in addition to NHSmail, evidence is only required to be submitted for the other email solution. Further information available here: https://www.dsptoolkit.nhs.uk/News/46.

  • Issue Description: Users may experience a critical error when accessing the Options section of OWA when using the Microsoft Edge web browser. This is currently under investigation.

    Latest Update and Guidance: If changes to the Options section are required, it is recommended that an alternative web browser (Internet Explorer 11, Google Chrome, Mozilla Firefox etc.) is used as a workaround whilst the investigation is ongoing..

  • Issue Description: There is an issue with Chrome browser where a Zero Width Space (​) character is sometimes prefixed to the body of the email that has been composed via OWA, in Chrome. When the email is then sent, the recipient sees the Zero Width Space displayed as a "?" in the email.

    Latest Update and Guidance: This occurs only while using the Chrome browser which is being investigated by Chromium under the bug 578155. The workaround is to access OWA via browsers other than Chrome such as Internet Explorer or Firefox if this is seen to be causing an issue for end users.

  • Issue Description: Users who administer a large number of contacts across multiple organisations can get an error when searching for contacts if their search isn’t narrow enough as the amount of data returned from the search is too large.

    An example of the error message received is as follows:

    Latest Update and Guidance: Narrowing the search using the Advanced search filters allows results to be displayed. For guidance on narrowing down the search, please see 'Advanced Search' section in the LA Admin Guide.

  • Issue Description: Some government organisations have tested turning off the family domain ‘GCSX’ on 29th June 2018 and this resulted in some organisations being unable to send emails to some email addresses ending .gcsx.gov.uk since then.

    Latest Update and Guidance:This is in preparation for the retirement of the .gcsx.gov.uk domain in March 2019 (https://www.gov.uk/guidance/securing-government-email). If you experience similar issues whereby you are unable to send emails to a local government organisation, then please inform them that you are not able to send emails to their .gcsx.gov.uk email address and to determine the best alternative means of communication.

  • Issue Description: Outlook performance issues with folders in secondary mailbox.

    Latest Update and Guidance: Perfomance issues may be noticed with folders in secondary Microsoft Exchange Server mailboxes in Outlook 2016, 2013, 2010 and 2007 versions. New items may not appear or seem missing in secondary mailbox, deleted items may still appear in secondary mailbox or Outlook keeps crashing erratically. To solve these issues, please follow the guidance availabe in the Microsoft KB article.

  • Issue Description: Outlook performance issues when many shared folders or mailboxes are open. Additionally, users may encounter an error message when making changes or additions to a calendar, such as:

    "You don't have permission to create an entry in this folder. Right-click the folder, then click Properties to check your permissions for the folder. See the folder owner or your administrator to change your permissions."

    Latest Update and Guidance: It is a known issue within Outlook that an error occurs when making changes or additions to a calendar. The recommendation by Microsoft is to have 5 shared folders or mailboxes, but on a faster connection this can be as high as 10 or more. For more details please follow the Microsoft KB article.

  • Issue Description: All the folders of a mailbox do not load or appear in Outlook.

    Latest Update and Guidance: It is a known issue with Outlook that all the folders do not load or appear if there are too many folders within the mailbox. If there are more than 500 folders in the mailbox, it is likely to cause performance issues in Outlook. More details can be found in the Microsoft KB article.

  • Issue Description: When accessing email (OWA) from the portal via Safari 11.1 on MacOS High Sierra, users receive an error message as shown below and when accessing email (OWA) from the portal via Safari 11.1 on iOS, users get a bank screen.

    An example of the error received on MacOS is as follows:

    Latest Update and Guidance: The root cause of the issue is currently being investigated. As an interim workaround for MacOS and iOS, please follow the below:

    • For MacOS - Logout and clear cookies, then go to email.nhs.net directly (bypassing the portal) or use an alternate browser such as Chrome.
    • For iOS - Click the blue email icon (as shown below) after logging in to the portal www.nhs.net to access email.

  • Issue Description: When attempting to send an email to an existing address, a non-delivery report is received stating that 'The message wasn't delivered to anyone because there are too many recipients. The limit is 0. This message has 1 recipients'.

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance: This kind of non-delivery report is received when the user sends email without agreeing to the AUP and setting security questions in Portal. Users need to accept the AUP and set security questions before being able to send emails – otherwise will receive this error when sending emails.

  • Issue Description: Although users are either correctly set up as members of shared mailboxes, or delegates with ‘Send As’ rights to user mailboxes in the Portal they still receive the following message in a non-delivery report when sending from the account in the Outlook Client, getting the error message as :

    "This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user."

    Latest Update and Guidance:This issues occurs when using an auto-complete entry that already resides in the Outlook Client auto-complete cache, and this needs to be removed and replaced with the 'From' mailbox selected directly from the Global Address List (GAL). Please attempt the following steps to resolve the issue:

    1. Go to the inbox of the shared mailbox you wish to send an email from in the Outlook Client.

    2. Click on 'New Email'.

    3. Click on the 'From' drop-down button and it should show user's personal nhs.net email address along with possibly the shared mailbox email address user is trying to send from. If the shared mailbox exists in the list click on the X next to the email address to remove the auto-complete entry. If the shared mailbox is not in the list, go to step 4.

    4. The 'From' drop-down list should persist, so click on the 'Other Email Address..' option.

    5. Rather than starting to type in the email address, click on the 'From' button to bring up the GAL.

    6. Find the shared mailbox in the GAL and double-click on it. The GAL will disappear and populate the 'From' box.

    7. Ensure that the 'Send Using' option is showing as your personal nhs.net email address.

    8. Click on 'OK'.

    9. Try to send an email.

  • Issue Description: When attempting to send an email to an existing address stored in your email auto-complete selection list, or a new email address typed in manually, a non-delivery report is received stating that 'The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your helpdesk.'

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance:

    This kind of non-delivery report is typically received due to one of two reasons.

    • Firstly, the email address may have been typed incorrectly. Please double-check the email address you are sending to. If it is an NHSmail address, try adding the address from the Global Address List (click on the 'To...' button within the Outlook Client). If it is an nhs.uk address or an email outside of the NHS, please re-confirm with the recipient that the address you are sending to exists.
    • Secondly if looking further down the non-delivery report you see a message similar to the example below it is likely that the issue is caused by a corrupt auto-complete entry in the Outlook Client software which is easily corrected. Follow the guidance below to help correct this issue.

    Please follow the steps below to remove the auto-complete entry and then find the distribution list within the Global Address List (GAL):

    • Begin typing the name of the distribution list you want to use into a blank email within the Outlook Client software and you will see the auto-complete option similar to the following:

    • Click on the black cross to remove the entry from your Outlook Client auto-complete library.
    • Click on the To: button within the new email to access the Global Address List.
    • Type in the name or email address and click ‘Go’. Note: ensure that the ‘More columns’ radio button is chosen as shown in the example below which will search the email address column too.

    • Click the ‘OK’ button to return to your email. You should now be able to send successfully to the email address.

    In the event that this guidance does not resolve the issue, then please raise a ticket with your local IT Helpdesk or alternatively the NHSmail Helpdesk for additional assistance on this issue.

  • Auto-mapping is the automatic addition to the Outlook Client of any delegate or shared mailbox a user has security permissions to. The auto-mapping of mailboxes that a user has permissions to is enabled by design across the NHSmail platform. 

    The auto-mapping of accounts cannot be disabled on a per user basis, or across specific organisations. Mailboxes will be removed when the user’s permissions to the mailbox are also removed via the Portal by the mailbox owner or a Local Administrator. This decision has been taken to assist users with the adding of mailboxes they have permissions to access automatically rather than have to add mailboxes manually and to prompt the removal of the mailbox permissions after they are no longer required by the user.

  • When using the Outlook Client software connected to a local organisation domain, users should be aware that when prompted for NHSmail login credentials Outlook by typically offers the local domain username and only requests a password. NHSmail users should check closely the username that is being offered and if it is not your NHSmail email address choose the 'Use a different account' option to allow you to type in a replacement username (your NHSmail email address) and then add your NHSmail password.

    Likewise, when adding an NHSmail account to the Outlook Client for the first time the software defaults to the local domain username when following the account setup wizard. To add your NHSmail email address, simply start deleting characters from the email address text box and the window will expand to allow you to enter your NHSmail credentials.

  • Issue Description: The NHSmail Service experiences periodic issues relating to blacklisting. This is where external email and spam filtering services block email being sent from NHSmail to other email providers.

    Real Time Blacklists (RBL) is a measure employed across the industry to identify and block unsolicited (spam/phishing) email. There are thousands of RBL services operating using their own business rules. RBL services operate reactively and automatically blacklist network addresses. Receiving systems (e.g. other email providers) will typically check incoming email against one or multiple RBL provides. If the email is being sent from a listed system, the email is then rejected by the recipient system or the email is delivered to the recipient’s junk folder. Due to this, email to and from the Internet is never guaranteed for delivery.

    The NHSmail Email Gateway has been designed to minimise the occurrences of RBL listing. Despite all the active design improvements there is still a residual risk that email across the Internet (i.e. to external domains such as Gmail/Hotmail/Outlook.com) cannot be guaranteed for delivery. Proactive monitoring is in place to identify when blacklisting occurs to ensure the NHSmail Team can respond as quickly as possible to apply for de-listing. The de-listing process is dependent on third party organisations’ process and can take several hours for the process to complete.

    User Impact: Users may receive a non-delivery receipt following trying to send an email to an external email domain - for example, firstname.lastname@gmail.com. Email sent to external domains that block NHSmail will not be received by the recipient. Users may alternatively find that email may be delivered to the junk folder of recipient’s mailboxes.

    Guidance for Users:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. Users do not need to report these issues to the NHSmail Helpdesk.

    Guidance for NHSmail LOAs:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. LOAs do not need to report these issues to the NHSmail Helpdesk.

    If your organisation relies on sending or receiving email to and from the Internet, you should ensure:

    • You know which systems rely on sending and receiving email to and from the internet and the business impact for each system if email is blocked
    • Have a business continuity plan in place for business critical services
    • You have monitoring systems in place to detect message delivery issues
    • Your systems have the ability to re-send messages that have not been delivered both individually and in bulk
    • Those sending you email also have the ability to re-send messages that have not been delivered both individually and in bulk
    • Your organisation is able to sustain not being able to send or receive email for up to four days to/from internet addresses
    • Where you have a reliance on time critical guaranteed communication you should have alternative methods of communication in place such as system to system electronic data interchange N.B. SMS messaging is not a guaranteed or secure delivery method
    • Outgoing email is scanned for spam and viruses before being sent

    Guidance for External Email Services (e.g. NHS.UK and secure government email services):

    It is highly unlikely that email delivery between NHSmail, secure government email services and N3 hosted NHS.UK email services will ever be impacted by blacklisting. However, we recommend that organisations whitelist the previously provided and current NHSmail deliver IP address to avoid receipt issues from NHSmail. This will reduce the residual, highly unlikely, risk of NHSmail being blocked by local reputational databases.

  • Issue Description: Based on feedback from our userbase, the NHSmail Service will be introducing controls in the future to prevent spoofing. This is where emails are sent to NHSmail pretending to be from an "@nhs.net" account, but are in fact not. As an interim measure, emails that are spoofing the Service will not be blocked, but will be stamped with the following message:

    There are no further configuration changes to email authenticity controls at this time. Advance notification and guidance will be provided to organisations prior to any restrictive measures being introduced.

    User Impact: Where an email is being sent to a user that is pretending to come from an NHSmail account, the email will be stamped with the message shown above.

    Latest Update and Guidance:

    Users do not need to take any action on these notifications. They are provided for informational purposes only by the NHSmail Team.

  • Issue Description: Some users are experiencing issues using the 'Autodiscover' function when adding NHSmail to Windows 8 and Windows 10 phones. The root cause is being investigated by the support teams. In the meantime a workaround available to manually add the account.

    Guidance for Users on Windows 8:

    To add an NHS email account to Windows phone 8, do the following:

    1. Select Settings.
    2. Scroll down and select ‘email+accounts’.
    3. Select ‘add an account’.
    4. Select ‘Exchange’.
    5. Enter your NHSMail email address in the ‘Email address’ field.
    6. Enter your NHSMail password in the ‘Password’ field.
    7. Select ‘sign in’ at the bottom of the screen.
    8. If this fails, press ‘sign in’ again.
    9. At the next screen, select ‘advanced’
    10. In the ‘Server’ field enter eas.nhs.net
    11. Select ‘sign in’
    12. Close Settings.

    Guidance for Users on Windows 10:

    To add an NHS email account to Windows phone 10, do the following:

    1. Select Settings.
    2. Scroll down and select ‘Accounts’.
    3. Select ‘Email app accounts’.
    4. Select ‘Add an account’
    5. Select ‘Exchange’
    6. Enter your NHSMail email address in the ‘Email address’ field, select Next
    7. Enter your NHSMail password in the ‘Password’ field.
    8. Select ‘sign in’ at the bottom of the screen.
    9. If this fails, press ‘sign in’ again.
    10. At the next screen, select ‘advanced’
    11. In the ‘Server’ field enter eas.nhs.net
    12. Select ‘sign in’
    13. Close Settings.

  • Issue Description: NHSmail users may experience reduced user interface performance whilst using the premium version of OWA with the IE8 browser via www.nhs.net. Refer to the Browser Version Guidance if you are unsure of which version you are using.

    It is recommended that those users who still need to use the IE8 browser to access NHSmail make use of the OWA Light user interface to avoid encountering issues. Some functions are not available in OWA Light, such as access to Shared Folders. You can find more information on the available functions in OWA Light in the Browser Comparison Guide.

    To Enable or Disable OWA Light with IE8:

    1. Click on the Settings icon at the top right of the screen and select Display Settings

    2. Select the ‘Outlook Web App version’ option then check the ‘Use the light version of Outlook Web App’ tick box.

    3. Finally, click on the ‘OK’ option at the top of the screen. You will then need to log out and log back into OWA to experience the light version.

  • Issue Description: Compatibility issues have been identified when using Outlook 2010 service pack 2. This issue mainly impacts organisations running Windows XP desktop machines, but compatibility issues may still be seen with later operating systems when running Outlook 2010 SP2. Organisations should be aware that Windows XP is no longer supported by Microsoft. This means that this software is no longer tested when new software is released and is not provided with important security updates by Microsoft.

    User Impact: Users are continually prompted to enter their username and password even if they have enter the correct credential information, as per the screenshot below:

    Latest Update and Guidance 1/12/2017:

    Guidance for Users: Users should contact their local IT support desk for guidance on this issue. As a workaround, users can access NHSmail using Outlook Web App at www.nhs.net.

    Guidance for LAs / Local IT: Organisations have a number of options :

    1. Ideally upgrade to Outlook 2016 or at a minimum Outlook 2013 SP1

    2. Where upgrading is not possible organisations running Outlook 2010 Service Pack 2 and connecting via MAPI over HTTP should also deploy the hotfixes referenced by the following Knowledgebase articles;


    3) Where it is not possible to deploy the patches organisations should use Outlook Anywhere to access email.


NHSmail Service Level Performance Summary

This section publishes a summary of Accenture's monthly performance against the service levels agreed with NHS Digital to provide the NHSmail service. Each month's performance summary is provided in PDF format and available for download using the links provided in the table below If you have any questions or queries related regarding the published performance summary information please contact feedback@nhs.net.

Month Performance Summary Link
November 2018 Link
October 2018 Link
September 2018 Link