The Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

This system is subject to ongoing development.

What's new?

DSPT 24-25 Interim (Baseline) assessment window now open (29 November 2024)

Details about the DSPT 24-25 Interim (Baseline) assessment for NHS Trusts, Integrated Care Boards, DHSC Arm’s Length Bodies and Commissioning Support Units.

DSPT Independent Assurance and Audit 2024-25 (29 November 2024)

Guidance for all Independent Providers who have been designated Operators of Essential Services and IT Suppliers to have a DSPT Audit to the required mandatory scope and framework methodology. Summary guide for NHS Organisations and the list of mandatory outcomes to audit is now available with detailed guidance to follow in a couple of weeks (mid December 2024).

Reminder on submitting an update to your 23-24 DSPT Improvement plans (29 November 2024)

This is for organisations with a 2023-24 (v6) DSPT publication status of ‘Approaching Standards’ or ‘Standards Not Met’.

Toolkit webinar slides (Updated 29 November 2024)

Including video and presentation slides from recent Webinar sessions including the changes to the DSPT for 24-25 for NHS Trusts, ALBs, ICB and CSUs.

Toolkit webinars and update events (28 November 2024)

Includes details of the 24-25 Webinars for Large NHS organisations and scheduled webinars through to June 2025.

Free learning available to help complete the CAF-aligned Data Security and Protection Toolkit (08 November 2024)

Immersive Labs training available to help support NHS Trusts, ICBs, CSUs and ALBs complete their 24-25 Data Security and Protection Toolkit (DSPT)