The NHS Data Security and Protection (DSP) Toolkit

Estimated reading time: 2 minutes

Given the sensitivity of patient data, it is right that all organisations within the NHS provider and supplier ecosystems take privacy and security seriously. One NHS initiative to help ensure this happens is the DSP Toolkit, launched in 2017.

What is the Data Security and Protection (DSP) Toolkit?

The Data Security and Protection (DSP) Toolkit is an online self-assessment tool that allows organisations to measure their performance against the UK’s National Data Guardian’s 10 data security standards. Completing the DSP assesses whether an organisation is working towards or meeting these standards. The results are publicly available online for anyone to access.

The DSP is now in its third iteration (V4) and all NHS organisations and suppliers that have access to NHS patient data needed to complete the latest DSP Toolkit by 30th June 2022. This includes suppliers of applications and data analytics such as ourselves, opticians, pharmacies, social care providers, charities and all NHS organisations such as acute, mental health and ambulance trusts.

Completing the toolkit provides assurance to NHS management, staff, and system users that the organisation is practising good data security and that personal information is handled correctly.

To date, over 40,000 organisations have completed the toolkit.

What does the DSP Toolkit cover?

The scope of the toolkit is the same as the UK’s National Data Guardian’s (NDG) data security standards which cover the following 10 areas:

  • 1   Personal Confidential Data
  • 2   Staff Responsibilities
  • 3   Training
  • 4   Managing Data Access
  • 5   Process Reviews
  • 6   Responding to Incidents
  • 7   Continuity Planning
  • 8   Unsupported Systems
  • 9   IT Protection
  • 10   Accountable Suppliers

You can find out about each at the DSP Big Picture Guides.

And what is C-BIA Consulting’s NHS DSP status?

Go to Organisation Search and enter ‘CBIA’ or our registration code ‘8KL95‘ to see our currents status. The image at the top of this post shows we met all the standards above on July 19th 2021.