About the DSPT

The Data Security and Protection Toolkit (DSPT) is the officially-recognised self-assessment tool on data protection and cyber security for adult social care providers in England. 

Background 

The DSPT is a free, online self-assessment of health and social care providers’ data security and protection policies, procedures and processes. 

It is not just about technology and digital records – it is about any information that care providers hold about any person – staff, clients, funders, partners or visitors – including paper records. 

By answering a series of questions, care providers can demonstrate that they are compliant with data protection legislation, the health and social care data security standards, and good practice. 

The DSPT for social care is specifically designed for adult care providers. 

Central and local government bodies, local authority and ICB commissioners, the Care Quality Commission and the National Data Guardian recognise it as the official tool to evaluate your compliance with legal requirements, data security standards and good practice. 

If you have services funded by the NHS, for example under continuing healthcare, there is a contractual requirement to complete the DSPT every year. 

All adult social care services in England, including residential and nursing homes, supported living, homecare, extra care, shared lives and day services, are strongly recommended to complete the DSPT. It’s increasingly what local authorities, ICBs and the Care Quality Commission will expect to see. 

Better Security, Better Care is the free and official support programme to help care providers complete their DSPT. 

Benefits 

By using the DSPT on an annual basis and reaching Standards Met you will be able to: 

  • reassure people who use services, their families and your staff that you are managing their information safely. Most people expect you to share information with others who support them – but you must do this securely and legally 
  • answer the Care Quality Commission’s Key Line of Enquiry questions about how you manage data securely (see KLOE W.2.8) 
  • demonstrate that you meet legal requirements including Data Protection Legislation and the Data Security Standards 
  • access key services such as NHSmail and shared care records. 

 Access to shared systems and NHSmail 

The DSPT opens up potential access to shared systems, as the toolkit reassures NHS colleagues that care providers are operating to the same data security standards as NHS bodies. By completing the toolkit and achieving ‘Standards Met’, care providers can access the following systems: 

  • GP Connect 
  • Local shared care records 
  • Proxy access to GP records 
  • Proxy access for medication ordering 
  • Summary care records 

NHSmail is a free, secure email system available to care providers. NHS bodies require care providers to use secure email systems if they are communicating with them. To access NHSmail care providers must reach ‘Approaching Standards’ or above on the toolkit. 

Next steps

If you are ready to start your DSPT assessment for the first time, or review and republish, we provide detailed guidance including how to answer all of the mandatory questions. Access our comprehensive guidance.

Contact us 

If you want to find out more about the DSPT, or get involved with the Better Security, Better Care programme which supports the use of the Toolkit, contact [email protected]. 

Back