The COVID Clinical Assessment Service (C-CAS) has been set up to support NHS111 in their response to the COVID-19 pandemic. NHS England sent a letter to GP practices on 27th March 2020 instructing them to set up GP Connect to facilitate this and allow patients to be transferred electronically. The practice is required to create a worklist consisting of 1
appointment per 500 registered patients per day available for direct booking by C-CAS/NHS111.
General advice is that people who feel unwell should first visit NHS 111 online, or ring NHS111 and from there they will be triaged into the appropriate stream. There will be a cohort of patients who are unwell enough that they need to see a clinician and those patients will need to be referred to their GP. The patient will be advised not to attend the practice, but to wait for the practice to contact them.
The C-CAS will book the patient into the worklist created by the GP practice. Although bookings are low at present, it is recommended that the practice checks their worklist every 30 minutes and triage accordingly. Once the patient has been booked onto the worklist, the care of the patient becomes the responsibility of the practice.
The C-CAS will be able to book into practice worklists from the 15th June 2020. Practices should have their worklists available to book into from this date.
Direct booking by NHS111 is also a requirement and practices should configure the C-CAS worklist to be bookable by NHS111 providers. Please follow the guides for your clinical system and add the NHS111 providers to your worklist by the 19th June 2020.
If you have any issues with configuring your worklist, please contact the Digital Transformation Team at scwcsu.glosdt@nhs.net.
Additional guidance is available here. View GP connect user guides for TPP and EMIS.
Cyber security update
NHS Mail password reset emails and security Many of us received an email over the weekend from NHS Digital, asking us to update our
passwords. Local Admins also received a more detailed communication about the action they
need to take and why. We can confirm that this is a legitimate request from NHS Mail, not spam. The email is safe, but rather than clicking on any links, best practice would be to open your browser and log in to your email via webmail (www.nhs.net) as you normally would to change your password.
This message was sent because NHS Mail and NHSD Data Security have, over the last week, seen 19 (a tiny proportion) NHS Mail accounts compromised due to exploitation of a previously notified vulnerability.
NHS Mail have centrally turned off the legacy protocols which can lead to the vulnerability
instructing Local Admins that they will need to review use of these legacy protocols and, only if absolutely necessary, turn them back on. Local Admins have also been asked to look for anomalous behaviour around logins to accounts. Other advice has also been reiterated to local admins.
The NHS Mail team are working with forensics to understand more about the activity on the 19
accounts; so far, there is nothing to indicate this is anything other than VERY LOW level activity. It does however mean that a lot of NHS Mail users have been asked to reset their passwords as soon as possible. NHSD could have forced the password change but were conscious not to impact on clinical teams. NHS Mail will however bring forward the password refresh cycle so any passwords not changed as a result of this email will be forced to be changed shortly.
If anything more concerning is found or seen, NHSX will be informed and will agree next steps but NHSD have advised that this is unlikely and they think this is well under control. This provides a good opportunity to add another reminder about cyber security and passwords. You should never open emails or click on attachments/files that you are not
expecting, especially requests that appear urgent, ask for sensitive information or threaten a loss of access unless you comply with the contents. Never disclose your username or password. Please verify suspicious emails with a phone call using a number from a trusted source (internal directory or legitimate web site contact details) – do not reply to the email.
Report any suspected phishing/spam email to NHSmail at spamreports@nhs.net by attaching
the suspicious email to a new email and sending – please do not just forward it. Always use strong and unique passwords to enhance protection for your accounts. Three unrelated words is best (using three of the following four conditions: uppercase, lowercase, number and special character) e.g.
- Hand-Post-Lawn
- Hand-post-lawn
- Handpostlawn1
- Handpostlawn$
- handpostlawn$1
Scam calls There have been reports of a scam call to work phones. The automated message says that
HMRC are calling about a reported fraud against this number, asking the listener to press digits. Should you receive such calls, please hang up. HMRC SMS messages and voice calls will never ask the customer to provide personal or financial information.
Webinars
Digitally Excluded Communities: How to support patients with getting online 11th June, 4.30pm, 30 minutes duration. Digital nurse champion Ann Gregory will share the amazing digital transformation work at her GP practice in one of the highest deprived areas of the UK. Register here.
Proxy Access for Patients at GP practices 18th June, 4.30pm, 30 minutes duration. This webinar is designed to help GP practices understand Proxy Access in the practice setting. Register here
Q&A session - Using digital in response to COVID-19 25th June, 4.30pm. Register here and submit your questions.
Reading and managing eConsults 10th June, 1pm – 2.30pm eConsult are offering a clinician focussed webinar about reading and managing eConsults.
The session will include real life case studies, live Q&A and the opportunity to share learning with colleagues in other practices. Please use this link on the day adding meeting number: 146 368 126