Standard Trac access
Anyone can request a standard Recruiting Manager (RM) Trac account if they are:
- an active employee
- a secondee of the organisation
To request a login for Trac, please email the HR Shared Services (HRSS) Query team.
To verify you are an active employee, the HRSS Query team will use your name and email address within the Electronic Staff Record (ESR) System. Should they not be able to locate you using this information they will require your National Insurance number and Employee number.
Should you require a Trac account to be set up with a different email address that is currently shown on your ESR account, you will be required to contact the Health Services Safety Investigations Body (HSSIB) HR team to request this to be updated before a Trac account can be created.
Should HRSS have all the information needed to verify your request, it will be processed within one working day.
Once a Trac account has been created, you will receive a welcome email. This email will contain an activation link which will expire after two days.
Additional access
Requests for additional access to Trac will need to be made to your Customer Account Manager. Should this request be granted, the Customer Account Manager will forward your request to HRSS.
Access no longer required
Should you no longer require access to Trac you must email the HRSS Query team to allow them to remove your access.
Trac account with a different organisation
If the user already holds a Trac account with a different organisation, they will need to contact Trac directly to request that this account is de-activated. Once this has happened, HRSS will be able to create the new account as requested with their new organisation.
Trac multi-factor authentication
Multi-Factor Authentication (MFA) is enabled on both the Trac admin and candidate sites. This security feature enhances account protection and aligns with NHS England’s Multi-factor authentication (MFA) policy.
When logging into Trac, you’ll be required to enter a One Time Passcode (OTP). After submitting your email and password, a 6-digit OTP will be sent to your email. Enter this code on the next screen to complete your login.
If the OTP is entered incorrectly five times, your login access will be frozen for 10 minutes, in line with Trac’s password timeout policy. After 20 failed login attempts, your account will be locked. You can unlock it using the ‘Password reset’ option.
You won’t be asked for an OTP when re-authenticating after periods of inactivity – only your password will be required.