The DSPT deadline of 30th June is fast approaching.
A Data Security Protection Toolkit (DSPT) audit is an NHS contractual requirement and part of Department of Health and Social Care policy for all organisations with access to NHS data as well as any organisation with access to systems such as the NHS mail and e-referral systems.
In addition, this year, key IT suppliers and independent service providers have been moved to category one if certain criteria are met relating to company size, turnover and the type of service provided.
The DSPT audit is a method of demonstrating compliance with data protection legislation and is an annual requirement. The next DSPT audit final publication deadline is 30th June 2024.
Advice from the NHS is to start early. There are multiple elements involved in completing the toolkit and it often involves many areas of the organisation. This year, changes made to the staff training and awareness element of the toolkit includes a training needs analysis, to demonstrate the training requirements and actions made by the organisation to ensure this is followed through.
This a new addition to the toolkit, with other areas seeing further changes made in regards to requirements and demonstrating compliance.
With suggested action being taken against organisations who fail to prove data protection legislation compliance, or the intention to reach compliance, many of our clients request assistance with completing the DSPT. This could be from helping complete the toolkit itself, to reviewing their completed toolkit prior to submission or providing a training needs analysis – and the training itself.
Our team have extensive experience completing the toolkit for a variety of organisations – including our own – and are well versed in ensuring it is completed correctly and in a timely manner prior to submission. If this is something we can assist your organisation with, please get in touch.