We have set up a helpline for the duration of the Covid-19 crisis. Call us on 0208 133 3430 (Mon-Fri 9-5) or email [email protected] for free support.

We recommend that you use NHS Digital’s Data Security and Protection Toolkit. It is a free, online self-assessment of your compliance with:

It is not just about your technology. It is about any information you hold about any person – staff, residents or visitors.

Who should complete the Data Security and Protection Toolkit?

Please check our FAQ for up-to-date details on who is mandated to complete the Toolkit.

When to complete it

The Data Security and Protection Toolkit must be completed every year. It runs annually from 1st April – 31st March. This means that it is a rolling process. You can go in and out of the online Toolkit throughout the year and can make updates at any time.

What are the different levels of compliance?

The Care Provider Alliance worked with NHS Digital and the Department of Health and Social Care to create an ‘Entry Level’ for the Toolkit. This is only available for social care providers.

Entry Level was developed in recognition of how new this requirement is for our sector.

 

Entry LevelsTime-limited level (subject for review) for social care providers.

Evidence items for critical legal requirements are being met; but some expected mandatory requirements have not been met. (https://www.dsptoolkit.nhs.uk/Help/32)

Allows access to NHSmail
Standards MetEvidence items for all mandatory expected requirements have been met.

Access to NHSmail and other secure national digital solutions, e.g. Summary Care Records, and potentially local digital information sharing solutions.
Standards ExceededEvidence items for all mandatory expected requirements have been met.

The organisation has external cyber security accreditation.

Evidence of best practise.
Critical Standards Not MetEvidence items for critical legal requirements have not been met by the organisation.

No access to information sharing tools, e.g. NHSmail.

How to register on the Data Security and Protection Toolkit

If you need support registering for the Toolkit, we have produced guidance on how to do this: Registering for the Data Security and Protection Toolkit

This includes

  • What ODS codes are and how to find yours.
  • Guidance on what to do if your organisation has more than one site.

This guidance is particularly useful for large multisite providers, domiciliary care organisations and providers offering multiple services.

Completing Entry Level

We have produced a how-to guide and a range of templates to help you complete Entry Level. You can find these here.

If you are commissioner who is supporting care providers to complete the toolkit in your region, we also have materials for you to use.

You can find these here.

Completing Standards Met

We have produced a how-to guide and a range of templates to hep you to complete Standards Met. You can find these here.