The Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

This system is subject to ongoing development.

What's new?

DSPT Independent Assurance and Audit 2023-24

Guidance for all NHS Trusts, ICBs, CSUs, DHSC Arms Length Bodies, Independent Providers who have been designated Operators of Essential Services and IT Suppliers to have a DSPT Audit to the required mandatory scope and framework methodology.

Toolkit webinar slides (Updated 11 April 2024)

Including video and presentation slides from recent Webinar sessions.

We need your help to review the costs and benefits associated with completing the DSPT (5th April 2024)

Would you be willing to complete a survey on the costs and benefits associated with completing the DSPT.

Toolkit webinars and update events (02 April 2024)

Dial in details for our training and update events for 2024. The date for the large organisations webinar next week (w/c 8th April) has changed from 11th April to 9th April, same time and dial in details.

System changes and release notes (updated 25 January 2024)

A high-level summary of recent changes (and an MFA reminder) is provided here for reference.

Changes coming to the DSPT for large NHS Organisations in 2024-25 (19 March 2024)

Details about how the DSPT will be changing to adopt the National Cyber Security Centre’s Cyber Assessment Framework (CAF) as its basis for cyber security and IG assurance in 24-25.