We have set up a helpline for the duration of the Covid-19 crisis. Call us on 0208 133 3430 (Mon-Fri 9-5) or email [email protected] for free support.

The Data Security and Protection Toolkit (DSPT) is a really helpful annual self-assessment for health and care organisations. It shows care providers what you need to do to keep people’s information safe, and to protect your business from the risk of a data breach or a cyber attack. It covers both paper and digital records

When you complete the toolkit, you can publish and share information about the standard you have reached, and how you are improving your policies and practice.

Benefits of the DSPT

The Data Security and Protection Toolkit is official and well-recognised.

Central and local government bodies, local authority and CCG commissioners, the Care Quality Commission and the National Data Guardian recognise it as the official tool to evaluate your compliance with legal requirements, Data Security Standards and good practice.

It has been developed by the NHS and updated in consultation with care providers to ensure it is social-care friendly.

By using the toolkit on an annual basis and reaching Standards Met you will be able to:

  • reassure people who use services, their families and your staff that you are managing their information safely. Most people expect you to share information with others who support them – but you must do this securely and legally
  • answer the Care Quality Commission’s Key Line of Enquiry questions about how you manage data securely (see KLOE W.2.8)
  • demonstrate that you meet legal requirements including Data Protection Legislation and the Data Security Standards
  • access key services such as NHSmail and shared care records.

Not all care providers will be able to reach Standards Met immediately. So there is a stepping-stone level called Approaching Standards. If you reach this standard, the toolkit will prompt you to produce an Improvement Plan to demonstrate how you are working towards Standards Met.

But remember, you’ll need to reach Standards Met before your service can be part of any of the projects and initiatives that allow care services to directly access NHS patient information systems, for example, GP records and shared care records.

NHSmail waiver

Because of COVID-19, there is a waiver which allows care providers to access NHSmail without using the DSPT. This waiver is in place until 30 June 2021.

If you use NHSmail or you want to have access to it, the most effective way of ensuring that you have ongoing access is to reach at least Approaching Standards.

Who needs to complete the DSPT?

  • If you have services funded by the NHS, for example under continuing healthcare, there is a legal requirement to complete the DSPT every year.
  • All adult social care services in England, including residential and nursing homes, supported living, homecare, extra care, shared lives and day services, are strongly recommended to complete the DSPT. It’s increasingly what local authorities, CCGs and the Care Quality Commission will expect to see.
  • You don’t need to have completed or to register with the DSPT just to have video appointments with NHS services, but it is strongly recommended.

How to register on the Data Security and Protection Toolkit

You can register online at https://www.dsptoolkit.nhs.uk/Account/Register

If you need support registering for the Toolkit, we have produced guidance on how to do this: Registering for the Data Security and Protection Toolkit

This includes

  • What ODS codes are and how to find yours.
  • Guidance on what to do if your organisation has more than one site.

This guidance is particularly useful for large multisite providers, domiciliary care organisations and providers offering multiple services as the process does vary depending on how your own organisation manages its data.

Support and guidance: Better Security, Better Care programme

Better Security, Better Care is a national and local support programme to help care providers to improve their data and cyber security by completing the DSPT.

It includes a range of useful resources to help you to use the toolkit, as well as practical support from a network of local support partners across England, national support for large care providers, and a dedicated helpline.

Find out more about the Better Security, Better Care programme, including how to contact your local support group or the national team at Digital Social Care.

Access the following resources: