New mandatory questions on DSPT for 2025-26

New mandatory questions on DSPT for 2025-26

September 3rd 2025

The latest edition of the Data Security and Protection Toolkit (DSPT) is now live. It includes two additional mandatory questions which adult social care providers need to answer in order to reach Standards Met.

If you are completing or updating your DSPT, you will notice that there are now 45, not 43 questions that you must answer.

The new mandatory questions are:

4.3.1 Have all the administrators of your organisation’s IT system(s) signed an agreement to hold them accountable to higher standards?

The people within your organisation who are IT system administrators may have access to more information than other staff. Therefore, they need to be held accountable in a formal way to higher standards of confidentiality than others.

7.1.1 You have an asset register detailing your organisation’s hardware, software and data, which is kept up to date.

This is a list of the devices and computer software your organisation uses which has been reviewed in the last twelve months.

There are also some minor changes to the wording of other questions.

Our Better Security, Better Care team is updating our guidance, templates and resources to ensure they cover these additional questions.

 

Photo by Markus Winkler on Unsplash

 

View all News

Next Event

View all Events
September

9

September

10

View all Events