Help

Guidance and support documentation.

1. Overview and introductory guidance

This page provides an overview of the Data Security and Protection Toolkit (DSPT).

2. Contact us

If you have a support query, please get in touch.

3. About the Data Security and Protection Toolkit

This page provides an overview of what the toolkit is, who should complete the toolkit, and why.

4. Strengthening Assurance - Independent Assessment Guides 24-25 v7 for IT Suppliers, OES Independent providers and NHS Organisations

Guidance for DSPT independent assessment or audit providers, including auditors for IT Suppliers, OES Independent providers, NHS Trusts (Acute, Foundation, Ambulance and Mental Health), Integrated Care Boards, Commissioning Support Units and DHSC Arm’s Length Bodies. The guidance is designed to be used by DSPT independent assessment providers, including internal auditors, when assessing DSPT submissions.

5. Organisation types

This document defines the organisation types within the Data Security and Protection Toolkit in 2024-25.

6. Data security standards - big picture guides

These ten guides provide more information on the ten data security standards, including suggestions and examples of how the standards might be achieved. Details of guidance available for NHS Trusts, Interrogated Care Boards, Commissioning Support Units and ALBs is also available.

6.1 Additional Information on evidence item 1.1.2

Further information to support OES Independent Providers and IT Suppliers to complete evidence item 1.1.2.

6.2. Data Security and Protection Toolkit staff awareness questions

This list of questions can be used in local training materials or incorporated into local e-learning solutions.

7. Incident reporting

Guidance on reporting a data security incident in accordance with the General Data Protection Regulation and The Security of Network and Information Systems Directive.

8. Frequently asked questions

Responses to frequently asked questions regarding the Data Security and Protection Toolkit.

8.1 e-Learning – data security awareness – frequently asked questions

e-Learning – data security awareness – level one (v3.0)