What is the NHS Data Security and Protection Toolkit (DSPT)?

The DSPT (Data Security Protection Toolkit) is the NHS’s core standard for protecting healthcare information. Any organisation that accesses NHS patient data or national systems – whether a healthcare provider or a commercial third party – is obliged to complete these requirements.

Launched by NHS Digital in May 2018, the DSPT replaced the Information Governance Toolkit. It must be completed annually to provide assurance that organisations adhere to good data security practices.

The online assessment tool measures and publishes organisations’ performance against the National Data Guardian’s ten data security standards and relevant elements of GDPR. It is also used by the Care Quality Commission (CQC) in their Well Led inspections.

DSPT supports other recognised data security best practices, including Cyber Essentials Plus and ISO 27001 – and takes these into account in terms of its requirements on organisations.

Monmouth helps healthcare organisations to determine whether they understand and fully comply with national DSPT requirements. We identify risk areas from non-compliance and support clients to ensure their processes and arrangements are fit-for-purpose – and aligned to best practice. To find out more about the support we offer, click here.

Latest content:


NHS services under pressure – What legacy will Covid-19 leave?

Back in August we looked at the impact of the pandemic on NHS cancer services. The concern then was that patients were not being seen or treated quickly enough or in some cases, given the drop-off in activity, not being diagnosed in the first place. Given the false dawn lull in Covid cases back in the summer, now all too clearly the calm before the storm, what is the situation now?

Read More »
Please accept [renew_consent]%cookie_types[/renew_consent] cookies to watch this video.

Tracking the Pandemic and its impact