1. Overview and introductory guidance

This page provides an overview of the Data Security and Protection Toolkit (DSPT).

2. Contact us

If you have a support query, please get in touch.

3. About the Data Security and Protection Toolkit

This page provides an overview of what the toolkit is, who should complete the toolkit, and why.

4. Strengthening Assurance - Independent Assessment Guides 23-24 v6

Guidance for DSPT independent assessment or audit providers, including auditors. The guidance is designed to be used by DSPT independent assessment providers, including internal auditors, when assessing DSPT submissions.

5. Organisation types

This document defines the organisation types within the Data Security and Protection Toolkit in 2023-24.

6. Data security standards - big picture guides

These ten guides provide more information on the ten data security standards, including suggestions and examples of how the standards might be achieved.

6.1 Additional Information on evidence item 1.1.2

Further information to support NHS Trusts, CCGs, CSUs, OES Independent Providers, IT Suppliers and DHSC ALBs to complete evidence item 1.1.2

6.2. Data Security and Protection Toolkit staff awareness questions

This list of questions can be used in local training materials or incorporated into local e-learning solutions.

7. Incident reporting

Guidance on reporting a data security incident in accordance with the General Data Protection Regulation and The Security of Network and Information Systems Directive.

8. Frequently asked questions

Responses to frequently asked questions regarding the Data Security and Protection Toolkit.

8.1 e-Learning – data security awareness – frequently asked questions

e-Learning – data security awareness – level one (v3.0)