Improvement Plans - Instructions for 2021 (20 May 2021)

This guidance only applies to NHS Trusts, CCGs, CSUs, Local Authorities and DHSC Arm's Length Bodies. 

The Improvement plan process is designed to support those organisations who have not quite met the toolkit standard and only have a few outstanding evidence items to meet.   

NHS Trusts, CCGs, CSUs, Local Authorities and DHSC Arm's Length Bodies that have not met all mandatory evidence items, should publish a Standards Not Met assessment and submit an Improvement Plan

Your plan will be reviewed by NHS Digital and, if approved, your toolkit status will be amended to Standards Not fully Met (Plan Agreed). 

 

How to complete your Improvement Plan. 

Please complete the Improvement Plan template provided.

The plan must include:

- all the mandatory evidence items where there is a gap between the DSP Toolkit standard and your organisation’s current position.  

- the actions required to meet the outstanding evidence item.

- the action owner for each item.

- the expected completion date of the outstanding actions - which should be within 6 months i.e. by 30 December 2021. 

There is also the opportunity on the template to confirm whether your Covid response has impacted on your Organisation meeting the evidence item. Where this applies, for these evidence items, dates are still required for when the actions will be completed but these dates can be relative to the return to business as usual, i.e. the policy will be agreed three months after return to BAU. 

 

When to submit your Improvement Plan 

Your Improvement Plan should be uploaded at evidence item 9.4.6 before publishing your assessment, with details of the Improvement plan sign off by the SIRO recorded in the comments section.  

The deadline for completing the 2020-2021 toolkit is 30 June 2021. 

Once you have uploaded your Improvement Plan and published your assessment please confirm to: cybersecurity@nhs.net and request a review of your improvement plan. 

 

What happens once you have submitted your Improvement Plan? 

NHS Digital will review your plan and, if approved, will update your toolkit status to Standards Not fully met (Plan agreed). This will NOT show any detail of which area requires improvement. 

Improvement plans will not be agreed by NHS Digital where:

- completion dates are not provided.

- where there is no realistic plan to achieve the evidence requirement.

- the plan covers more than 15 outstanding evidence items. 

You should continue to work on the actions in your plan.  

If you complete your outstanding actions, please send in an updated plan to cybersecurity@nhs.net  so that your toolkit status can be reviewed. Where you have successfully completed all the actions and met the requirements your toolkit status will be updated to Standards Met.  

You will be contacted for a progress update on your Improvement Plan if no update has been received.  

 

Help and advice. 

If you require any further details, please Contact us