Simulated Phishing Campaign Request Form

Closed 14 Mar 2020

Opened 14 Mar 2019


Simulated Phishing Campaign Request Form

By choosing to use the Simulated Phishing Tool service you agree that DHSC, CQC, NHS Improvements and NHS England are updated on the statistics to gain an overall view of awareness across the health and social care environment.

Note: You will be asked to provide some key information in this form, please have it ready before proceeding. 

We will need you to: 

  • upload a .csv file containing - as a minimum - the first name; last name and email addresses of those you want the simulated phishing campaign to be sent to.  You can supply a maximum of 5,000 names. 
  • A preferred start date for your campaign
  • Contact details of two people with whom we will liaise to deliver the campaign. 
  • Authorisation - the name, title and contact details of an authorising person who has approved delivery of the campaign within your organisation.


What happens to my data?

What data do we ask for and why?

We ask for some personal details to two contacts (name, job title and email address)  in order to deliver the campaign.  We also ask for permission to contact you for promotional purposes.  This is optional.

What happens to my data?

By filling out this form you agree that we will process your data in line with the research purposes agreed above and NHS Digital's privacy policy. We respect your trust and protect your privacy and therefore will never sell or share this data with third parties. Your data will be treated confidentially and only used by NHS Digital for the research purposes specified. We will store any personal data for a period of 12 months. After that point, all personal elements will be deleted. If you have any questions, please contact


  • All Areas


  • IT Specialists


  • Information Technology