Care providers need to review, update and republish their Data Security and Protection Toolkit at least once a year in order to ensure it is up to date.
After you have published the toolkit for first time, you will see all 77 toolkit questions. These include the 42 mandatory questions for Standards Met and additional non-mandatory ones.
You can make changes to your toolkit questions and republish at any time throughout the year. The toolkit does have to be published at least once every toolkit year (currently, the toolkit year runs from 1 July to 30 June).
Your answers from your previous publication will be saved on your DSPT account. However, at the beginning of each toolkit year (i.e. 1 July), although your previous answers will still be stored on your DSPT assessment, the word COMPLETED will have disappeared from the final column.
To republish in the new toolkit year, you should follow these steps. (Note: there are some additional steps for multi-site organisations here.)
When you have COMPLETED the 42 Standards Met mandatory questions you then will be able to republish your submission.
2. Click the blue box at the bottom of the page which says “Publish Assessment”.
3. You will then be asked to confirm that your Organisation Profile is correct. Make any changes you need.
4. Click on “Publish Assessment” again.
If you have answered all 42 mandatory questions, you will receive an email confirming your submission has been successful and this message will appear on your screen.
If you try to publish the assessment, but you have not answered one or more of the mandatory questions then you will get an error message.
Complete the questions flagged and try publishing again.
If you are completing a Headquarters Assessment and/or publishing your DSPT on behalf of multiple sites or branches, you will need to choose which sites to include within your DSPT publication.
2. You can export the list as a CSV file if it is easier to view it in a spreadsheet. Click on Export Branch List as CSV.
3. The DSPT list should reflect your CQC registrations but if the list is incorrect, please contact the Data Security and Protection Toolkit team to provide details of missing/incorrect branches and request that the ODS record is updated to match the CQC details.
If your organisation is not flagged as a Headquarters, but you previously published on behalf of other sites in your last DSPT, you will be able republish for sites within your CQC registration as well as other sites previously added. Any problems with the list of sites you can see, contact the Data Security and Protection Toolkit.
4. Review, update and save any changes to your previous questions. When you have COMPLETED the 42 Standards Met mandatory questions you then will be able to republish your submission.
5. Click the blue box at the bottom of the page which says “Publish Assessment”. You will be taken to a page that asks Who you would like to publish for?
It may be that you wish to publish for some of your branches straightaway, as others may not be ready, e.g. if relevant training has not yet been cascaded across the whole organisation. If the list contains branches that you don’t wish to publish for (i.e. because they are either incorrect or not ready), you can choose to exclude them at the “publish” step. It is fine to add them in at a later date, and the system allows you to do this.
6. Select all the branches you wish to publish for and click “Continue” to complete your DSPT submission.