The DSP Toolkit team reminds organisations that they need to complete and publish their Data Security Protection Toolkit (DSPT) self-assessment by 30 June 2024. The DSPT online self-assessment tool enables organisations processing health and care data to gauge their performance against the National Data Guardian’s 10 Data Security Standards.

GP Practices with access to NHS patient data and systems are encouraged to conduct and publish a DSPT self-assessment annually to assure compliance with good data security practices and proper handling of personal information, including the security of patient data. Publishing an annual DSPT self-assessment also aids organisations in demonstrating GDPR and cyber maturity, as well as fulfilling NHS contractual obligations.

Given that many organisations have completed the DSPT before, much of the information will already be available in their toolkit assessment. However, it is essential to review and update previous entries and republish before the deadline.

To proceed, GP Practices are urged to log into their DSPT account and complete the assessment for 2023-24. They should review and confirm responses carried forward from the 2022-23 submission and address any new or changed evidence items.

The DSP Toolkit team provides resources to support organisations in completing their assessment, including webinar training events, overview and introductory guidance, proformas, policies for smaller organisations, Big Picture Guides, and webinar recordings.

For any questions or assistance with the assessment, organisations are encouraged to contact the DSP Toolkit Team.

Kind Regards

The DSP Toolkit Team