The DSPT (Data Security Protection Toolkit) is the NHS’s core standard for protecting healthcare information. Any organisation that accesses NHS patient data or national systems – whether a healthcare provider or a commercial third party – is obliged to complete these requirements.
Launched by NHS Digital in May 2018, the DSPT replaced the Information Governance Toolkit. It must be completed annually to provide assurance that organisations adhere to good data security practices.
The online assessment tool measures and publishes organisations’ performance against the National Data Guardian’s ten data security standards and relevant elements of GDPR. It is also used by the Care Quality Commission (CQC) in their Well Led inspections.
DSPT supports other recognised data security best practices, including Cyber Essentials Plus and ISO 27001 – and takes these into account in terms of its requirements on organisations.
Monmouth helps healthcare organisations to determine whether they understand and fully comply with national DSPT requirements. We identify risk areas from non-compliance and support clients to ensure their processes and arrangements are fit-for-purpose – and aligned to best practice. To find out more about the support we offer, click here.