What security standards should software companies in the care sector have in place?

The Data Security and Protection Toolkit requires care providers to use software companies that have security standards in place. The options are either ISO 27001 or Cyber Essentials or Digital Marketplace listing or DSPT accreditation. Digital Social Care Records suppliers listed on the dynamic purchasing system have been assured as having met these standards.

Software suppliers should give you evidence to support your DSPT application. Several of the large software companies have published information to help you complete the DSPT. You can access this information, which follows the questions within the DSPT, on the CASPA website.

Back to FAQs