The Data Security and Protection Toolkit (DSPT) is official and well-recognised.

Central and local government bodies, local authority and CCG commissioners, the Care Quality Commission and the National Data Guardian recognise it as the official tool to evaluate your compliance with legal requirements, Data Security Standards and good practice.

It has been developed by the NHS and updated in consultation with care providers to ensure it is social-care friendly.

By using the DSPT on an annual basis and reaching Standards Met you will be able to:

  • reassure people who use services, their families and your staff that you are managing their information safely. Most people expect you to share information with others who support them – but you must do this securely and legally
  • answer the Care Quality Commission’s Key Line of Enquiry questions about how you manage data securely (see KLOE W.2.8)
  • demonstrate that you meet legal requirements including Data Protection Legislation and the Data Security Standards
  • access key services such as NHSmail and shared care records.

Access to shared systems and NHSmail

The DSPT opens up potential access to shared systems, as the toolkit reassures NHS colleagues that care providers are operating to the same data security standards as NHS bodies. By completing the toolkit and achieving ‘Standards Met’, care providers can access the following systems:

  • GP Connect
  • Local shared care records
  • Proxy access to GP records
  • Proxy access for medication ordering
  • Summary care records

NHSmail is a free, secure email system available to care providers. NHS bodies require care providers to use secure email systems if they are communicating with them. To access NHSmail, care providers should reach ‘Approaching Standards’ or above on the toolkit.