4th July 2018
The Data Security and Protection Toolkit: Information for Social Care Providers
Citizen care and support relies on timely and secure information sharing and strong data security. All organisations should provide assurance that they are practicing good data security and that personal information is handled correctly. However, all too often information is still shared via post or fax. There are numerous examples of social care providers receiving important information about citizens in this way, which puts people at risk of coming to harm.
The Data Security and Protection Toolkit (DSPT) is an online self-assessment tool for data security which supports organisations in demonstrating:
1. General Data Protection Regulation (GDPR) compliance.
2. Compliance with the expected data security standards for health and social care for holding, processing or sharing personal data.
3. Readiness to access secure health and care digital methods of information sharing such as NHSmail and Summary Care Records (a summary of GP information about an individual) and local information sharing solutions.
4. Good data security to the CQC as part of the Key lines of Enquiry (KLOEs).
The Department for Health and Social Care recommends that all social care providers complete the DSPT as they will hold, process or share personal data. Completing the DSPT is a contractual requirement for those who provide care through the NHS Standard Contract and the Toolkit helps all providers to demonstrate compliance for the GDPR, the CQC and supports information sharing.
We have worked with the Care Provider Alliance to develop the ‘Entry level’ for social care organisations, as it is understood that for many this will be a new process. ‘Entry level’ is a stepping stone to achieving at the ‘Standards Met’ level, will be time limited (subject to review) but will allow you to begin using NHSmail.
Actions to take
Step 1: Register for the Data Security and Protection Toolkit (https://www.dsptoolkit.nhs.uk/Account/register)
Step 2: Complete your organisation profile, you will be asked a series of questions about your organisation.
Step 3: Read the Entry level evidence items (https://www.dsptoolkit.nhs.uk/Help/32) and start pulling this information together.
Step 4: Go to your assessment on Data Security and Protection Toolkit and start with the Entry level evidence items (www.dsptoolkit.nhs.uk)
Registering and support available
Additional help is available on https://www.dsptoolkit.nhs.uk/Help. Requests for support can be made by email to exeter.helpdesk@nhs.net or telephone 0300 3034034.
The Care Provider Alliance has also produced specific Care Provider Guidance and Templates on their website to complement the Toolkit. This resource contains a good overview of the Toolkit and other useful information.
Overview of levels in the Data Security and Protection Toolkit