We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. Cookie policy.
Cookie settings.
Functional Cookies
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Data Security & Protection Tool Kit
Data Security and Protection Tool Kit (DSPT)
This is an online self-assessment tool that allows organisations that process health and care data to measure their performance against National Data Guardian’s 10 data security standards. These security standards have been essential in protecting patient information by encouraging a focus on three key areas: people, process and technology.
In September 2024 NHSE and NDG announced a transition from these NDG 10 to the Nation Cyber Security Centres Cyber Assessment Framework (CAF) due to the rapidly changing landscape of technology and the heighten risks of cyber threats required more advanced approaches with CAF provides. This is a new change, and we are awaiting notification from NHSE on our transition date.
All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security, and that personal information is handled correctly.
The new incident reporting tool reflects the new reporting requirements of the General Data Protection Regulation (GDPR), and for relevant organisations the Networks and Information System (NIS) Regulations.
Breaches must be notified to the Information Commissioners Office without undue delay, the requirement is with 72 hours.