Help
Guidance and support documentation.
1. Overview and introductory guidance
This page provides an overview of the Data Security and Protection Toolkit (DSPT).
2. Contact us
If you have a support query, please get in touch.
3. About the Data Security and Protection Toolkit
This page provides an overview of what the toolkit is, who should complete the toolkit, and why.
4. Strengthening Assurance - Independent Assessment Guides 24-25 v7 for IT Suppliers, OES Independent providers and NHS Organisations
Guidance for DSPT independent assessment or audit providers, including auditors for IT Suppliers, OES Independent providers, NHS Trusts (Acute, Foundation, Ambulance and Mental Health), Integrated Care Boards, Commissioning Support Units and DHSC Arm’s Length Bodies. The guidance is designed to be used by DSPT independent assessment providers, including internal auditors, when assessing DSPT submissions.
5. Organisation types
This document defines the organisation types within the Data Security and Protection Toolkit in 2024-25.
6. Data security standards - big picture guides
These ten guides provide more information on the ten data security standards, including suggestions and examples of how the standards might be achieved. Details of guidance available for NHS Trusts, Interrogated Care Boards, Commissioning Support Units and ALBs is also available.
6.1 Additional Information on evidence item 1.1.2
Further information to support OES Independent Providers and IT Suppliers to complete evidence item 1.1.2.
6.2. Data Security and Protection Toolkit staff awareness questions
This list of questions can be used in local training materials or incorporated into local e-learning solutions.
7. Incident reporting
Guidance on reporting a data security incident in accordance with the General Data Protection Regulation and The Security of Network and Information Systems Directive.
8. Frequently asked questions
Responses to frequently asked questions regarding the Data Security and Protection Toolkit.
8.1 e-Learning – data security awareness – frequently asked questions
e-Learning – data security awareness – level one (v3.0)