Programme news

Managing ESR Passwords

To further help our ESR users manage their ESR Password more easily, but retain the recommended levels of security, we are making some further changes to the rules.

Why are we changing the rules?

We have listened to employee feedback about the challenges of Password management in ESR and understand that this is an area that can cause frustration for users.  As the national workforce management system for the NHS it is vitally important that we safeguard the security of your data whilst balancing the need to make logging into ESR as easy as possible.

Our Password rules have always aligned with guidelines set out by the National Cyber Security Centre -​ but understand that further changes need to be made to help NHS employees when they need to reset their Password.

What are we doing?

We have simplified our policy whilst ensuring that we retain the recommended rules.  

Since April 2021:

There has been no expiry period enforced by default for Passwords on new ESR accounts.  We strongly encourage NHS Organisations to consider the use of expiry periods on employee user accounts if you are still using them.  

From August 2021:

We will remove the repeat/sequential character rule. This will leave 3 rules for Password requirements (as listed on the password reset page):

  • Minimum password length of 12 characters.
  • The password cannot be the same as any of the previous 4 passwords.
  • Commonly used passwords, such as “password1”, are not allowed.

To help NHS employees and Organisations we are currently developing a new Password Help section on the ESR Hub. This will have simple guidance that will help employees better manage their ESR Password and provide guidance for NHS Organisations about how they can help remove the pain points of ESR Passwords for their Employee Self Service users. 

The new Password Help section of the ESR Hub will be available from 13:00 on Friday 30th July 2021.

Your online payslip is waiting for you - before pay day

Whilst you might know when your pay day is, do you know when your Organisation releases your payslip for you to view online via ESR?  Some Organisations release payslips to employees up to six days before pay day, giving their employees the opportunity to check their salary before it gets paid into their bank account.

An enhancement to ESR at the end of December 2020 enabled NHS employees with access to ESR Employee Self Service to opt into online payslip email notifications.  Once selected this switches on the email functionality and you receive an email (to the email address that is saved in ESR) when your latest online payslip is available to view.  You can then login to ESR to view, download and print off your payslip if you want to - giving you control of accessing your pay data, when and where you want via your computer, mobile phone or tablet.

By May 2021, 5 months after the enhancement was launched, over 390k employees had opted into this notification feature and received an email advising them that their payslip was available online.  This figure continues to increase month-on-month as more NHS employees opt to use online payslips. 

There are over 1.88 million NHS employees who have switched to online payslips; this is over 81% of NHS employees who use ESR that now don’t receive a paper payslip.  This is helping NHS Organisations save on postage, distribution and administration costs, helping to reduce the NHS Carbon Footprint and supports a cleaner, greener environment.

If your Organisation is yet to make the switch to online payslips, you don’t have to wait.  You can opt out of paper by simply clicking the opt out button on the payslip/P60 portlet in ESR.

For more information visit the ESR Hub at or contact your NHS ESR Functional Account Manager.

Midlands & East of England

Using ESR to Record Conflict of Interest

NHS Arden and Greater East Midlands Commissioning Support Unit is one of the largest Commissioning Support Units (CSUs) in the country with a variety of customers ranging from Clinical Commissioning Groups (CCGs) to local authorities, through to a range of care providers. As the CSU is an NHS organisation, it is entrusted with taxpayers’ money and this money must be spent well and free from undue influence. Due to the collaborative nature of delivering health and social care, there is a potential risk of conflicts of interest. In 2017, NHS England produced guidance for the management of conflicts of interest in the NHS; highlighting the importance of these interests being declared.

In March 2020, as part of Release 45, using the terminology defined by NHS England, ESR introduced the functionality to enable employees to declare conflict of interest details, in turn allowing organisations to report and share this information. This was a timely addition into ESR for the CSU who had undergone an IT upgrade to Office 365 in late 2019 which led to the bespoke system on which we historically recorded conflict of interests to be no longer supported.

As an interim solution, between the bespoke system no longer working and the ESR capability being released, the CSU reverted back to using paper to record our conflict of interest declarations. However, during this period, Jane Ibbett, the CSU’s Senior Integrated Compliance Consultant, completed research to understand what recording conflict of Interest in ESR would entail and how it would work. Jane piloted using ESR for the recording of conflict of interest within the Compliance team, whereby 15 staff members completed their declarations in ESR. The pilot was a success, with the employees highlighting how easy using ESR was so the CSU moved to roll out the recording of conflict of interest in ESR to the rest of the organisation in August 2020.


The CSU found many positives came about from using this piece of ESR functionality. Our compliance prior to using ESR was 70% of conflict of interest declarations completed whereas the move to ESR saw this increase to an impressive 93% (the policy at the CSU states that all staff are to make a declaration, nil or otherwise, annually). The CSU is on track to have all of their staff compliant by August 2021.

Not only did our compliance increase but we also found that monthly reporting is far simpler and quicker when using ESR Business Intelligence (BI). Reports that used to take three hours now take five minutes, which is a huge time saving for Jane and her team and, because ESR is the master workforce system, additional information can be used within these reports that otherwise would have taken a significant amount of time to add in, such as directorate and cost-centre, making Jane’s reports more meaningful.

We wanted a way in which we could remind our staff to complete their declarations, so we gave all staff a local competence requirement that expires yearly. Until the staff complete their declarations, they remain red for the conflict of interest competency, which encourages them to complete them and serves as an excellent reminder for staff to renew them again, in a years’ time. This process further supports Jane and her team to report the organisational compliance for declarations as they can easily see the number of staff with the competency and those yet to gain it, through ESR BI. This set up does require some manual input whereby the competence has to be updated for the employees once the employees have completed their declarations by the team, but this works for us and the extra time taken to add this information in is outweighed by the speed in which reports can be produced.

For Jane and the wider CSU there is a recognition that the implementation of the conflict of interest functionality has been overwhelmingly positive and we are looking forward to further enhancements to the functionality that, subject to testing, will be included in Release 50 (July 2021). This includes applicants being given access to record any conflicts they may need to declare prior to starting (using the applicant dashboard) and improved notifications for managers when employees have made a declaration.

For further information or to ask any questions about the implementation of the conflict of interest functionality at NHS AGEM CSU, please contact Jane Ibbett, Senior Integrated Compliance Consultant for NHS Arden and Greater East Midlands Commissioning Support Unit at



Taylorfitch. Bringing Newsletters to life