Toolkit take-up (updated 19 July 2019)

All organisations that have access to NHS patient data and systems should publish a DSPT self-assessment to provide assurance that they are practicing good data security and that personal information is handled correctly.

Over 27,500 organisations published a self-assessment against the 2018-19 standard.

The attached spreadsheet provides details of organisations which have registered on the DSPT and the level of their latest published self assessment. Assessments were made against the 2018-19 (version 1) standard unless stated.

DSPT Progress as of 19_07_2019 13_23_41.xlsx

Parent CCGs have been added from ODS where recorded.  Please note that Social Care Providers can register on the DSPT at either HQ or site level. These can be differentiated in the report by looking at the ODS code - HQ codes usually take the format ‘Axxx’ whereas sites are ‘Vxxx’. The CCG is displayed for sites, but it is not possible to do so for HQs as these generally span a wider geographical area.

Data accurate as at 19 July 2019. 

New Functionality

If you would like to search for organisations and their current status on the DSP Toolkit, an organisation search function is available on: This tool is subject to ongoing development.