The Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

This system is subject to ongoing development.

What's new?

System changes and release notes (updated 21 January 2022)

A high-level summary of recent changes is provided here for reference

Toolkit webinars and update events (6 January 2022)

Dial in details for our training and update events. Date pushed back a week for the CCG Webinar.

Log4Shell Vulnerability and reminder about the importance of keeping your systems updated (24 December 2021)

This page provides more information about the Log4shell security vulnerability, the steps you should take to protect your data and critical services, a link to a recording of the LOG4J Webinar and confirmation of the DSP Toolkit exception.

National Data Guardian guidance on the appointment of Caldicott Guardians, their role and responsibilities and new free online learning (24 December 2021)

Details and links to updated guidance and free online learning

Improvement Plans - Instructions for 2021 (21 December 2021)

Guidance to support NHS Trusts, CCGs, CSUs, Local Authorities and DHSC Arm's Length Bodies to submit a DSPT improvement plan. Updated as reporting arrangements.

Toolkit webinar slides (Updated 11 November 2021)

Presentation slides from recent Webinar sessions