News

The latest news and resources.

Toolkit webinars and update events (26 April 2024)

Dial in details for our training and update events for 2024.

Changes coming to the DSPT for large NHS Organisations in 2024-25 (26 April 2024)

Details about how the DSPT will be changing to adopt the National Cyber Security Centre’s Cyber Assessment Framework (CAF) as its basis for cyber security and IG assurance in 24-25.

DSPT Independent Assurance and Audit 2023-24

Guidance for all NHS Trusts, ICBs, CSUs, DHSC Arms Length Bodies, Independent Providers who have been designated Operators of Essential Services and IT Suppliers to have a DSPT Audit to the required mandatory scope and framework methodology.

Toolkit webinar slides (Updated 11 April 2024)

Including video and presentation slides from recent Webinar sessions.

We need your help to review the costs and benefits associated with completing the DSPT (5th April 2024)

Would you be willing to complete a survey on the costs and benefits associated with completing the DSPT.

System changes and release notes (updated 25 January 2024)

A high-level summary of recent changes (and an MFA reminder) is provided here for reference.

Winners announced for the National Health and Social Care - Information Governance Annual Awards 2024 (15 March 2024)

Details of the winners and finalists.

As of 13th March 2024 the DSPT Demo environment is available again after disruption earlier in the week.

We apologise for any inconvenience

Assertions and Evidence items for the Data Security and Protection Toolkit 2023-24 (4th March 2024)

Key facts and assertions and evidence items for the Data Security and Protection Toolkit 2023-24 (version 6).

Reminder to submit a Baseline (Interim) Publication for your 23-24 Data Security Protection Toolkit (24 February 2024)

For NHS Trusts, Integrated Care Boards, DHSC Arms Length Bodies and Commissioning Support Units

Notified Incidents Reports 2023 (22th January 2024)

Incidents notified to the Information Commissioner's Office via the Data Security and Protection Toolkit during Q1-Q4 2023.

Notified Incidents Reports 2022 (22th January 2024)

Incidents notified to the Information Commissioner's Office via the Data Security and Protection Toolkit during Q1-Q4 2022.

Big Picture Guides PDF Versions (15 January 2024)

Big Picture Guides PDF Versions now available, as requested by the community.

New – free e-learning on data security and protection for care staff (13th December 2023)

Further details and a link to a new e-learning resource specifically designed for the care sector.

DSPT and Cyber Essentials Plus – Update January 2021

Applicable to NHS Trusts and Foundation Trusts

Staff training, awareness and culture major DSPT change

Until July 2023, the DSPT required that you train at least 95% of your staff using the national Data Security Awareness Level 1 e-learning or a local equivalent. This has changed for 2023/24. Instead of the 95% training requirement, you now need to ensure that all your staff have an ‘appropriate understanding of information governance and cyber security’.

Big Picture Guides for 23-24 v6

The Big Picture Guides have been updated for the current release (23-24 v6).

NHS England publishes new multi-factor authentication (MFA) policy and accompanying guidance (29th August 2023)

New policy and guidance, who it applies to and where you can find it.

NHS England launches new universal information governance templates

NHS England has launched a new suite of information governance templates. The suite covers templates for Data Protection Impact Assessments, Data Sharing and Processing Agreements, Information Assets & Flows Registers and Privacy Notices.

Improvement Plans - Instructions for 2022-2023 (07 June 2023)

Guidance to support NHS Trusts, ICBs, CSUs, Local Authorities and DHSC Arm's Length Bodies to submit a DSPT improvement plan, if required.

Information about the Baseline submission for NHS Trusts, ICBs, CSUs and DHSC ALBs (31 January 2023)

A note about the Baseline submission for, NHS Trusts, ICBs, CSUs and DHSC ALBs.

National Health and Social Care Strategic Information Governance Network Local Group Map and Awards Winners (23rd December 2022)

The winners are announced for the 2022 National Health and Social Care Strategic Information Governance Network Awards and local group map.

Assertions and Evidence items for the Data Security and Protection Toolkit 2022-23 (12 December 2022)

Key facts and assertions and evidence items for the Data Security and Protection Toolkit 2022-23 (version 5)

Postponed: National Health and Care Strategic Information Governance Network Annual Awards 2022 (14th September 2022)

The National Health and Care Strategic Information Governance Network Awards have been postponed due to the death of the Queen.

Thank you for completing your 21 22 Data Security and Protection Toolkit Helpdesk Update (5th July 2022)

Update on 21 22 Data Security and Protection Toolkit

Notified Incidents Reports 2021 (7th January 2022)

Incidents notified to the Information Commissioner's Office via the Data Security and Protection Toolkit during Q1-Q4 2021.

Data Security and Protection Toolkit (version 4) 2021-22 (Updated 9 June)

Overview of the Data Security and Protection Toolkit (version 4) 2021-22 requirements, including downloadable spreadsheet. Updated to reflect national data opt-out changes

National Data Guardian guidance on the appointment of Caldicott Guardians, their role and responsibilities and new free online learning (03 May 2022)

Details and links to updated guidance and free online learning

Remember to complete and publish your toolkit self-assessment by 30 June 2022

Deadline for 2021-22 toolkit self-assessment publication

National Data Opt-Out update (31 March 2022)

The mandatory implementation of the National Data Opt-Out (NDOO), deadline of 31 March 2022, has been extended until 31 July 2022.

Accessibility statement

Accessibility statement for the Data Security and Protection Toolkit

Deadline extended to 4 March 2022 for Baseline submission for NHS Trusts, CSUs and DHSC ALBs (03 March 2022)

A note about extension of the deadline for the the Baseline submission for NHS Trusts, CSUs and DHSC ALBs. CCGs are not required to complete a baseline or submit any formal assurance .

CCG/ICB Briefing (24 February 2022)

An update on actions to be taken for CCGs and ICBs for the 21-22 DSP Toolkit.

Log4Shell Vulnerability and reminder about the importance of keeping your systems updated (24 December 2021)

This page provides more information about the Log4shell security vulnerability, the steps you should take to protect your data and critical services, a link to a recording of the LOG4J Webinar and confirmation of the DSP Toolkit exception.

National Health and Care Strategic Information Governance Network 2021 Award Winners Announced

Details of the National Health and Care Strategic Information Governance Network 2021 Award Winners

Access to shared systems (Adult Social Care) 20 October 2021

A copy of the item published by NHSX on the access to shared system (adult social care) that Data Security and Protection Toolkit can provide.

Supported Browsers on the Data Security and Protection Toolkit

From 19 August the Data Security and Protection Toolkit will no longer support Internet Explorer 11. If you use Internet Explorer 11, you should switch to a modern supported browser.

Nominations are open for the National Health and Social Care Information Governance Annual Awards 2021

Details about the SIGN Awards

Update to the DSP Toolkit: National data opt-out non-mandatory for the 2020-21 DSP Toolkit and Spot Checks (10th May 2021)

The DSP Toolkit has been updated to make the evidence item 1.4.4. on the National Data Opt-Out non-mandatory for all sectors and advice on spot checks not being required to be physical events.