The DSPT is an extensive and detailed questionnaire.

What Are the Challenges in Completing the DSP Toolkit?

Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.

Data Security Standard 7: A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.

All access to personal confidential data on IT systems can be attributed to individuals.

Data Security Standard 5: Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.

Data Security Standard 6: Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to.

Once completed, organizations can publish their completed DSPT to further increase that trust.

Data Security Standard 4: Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required.

The DSP Toolkit also helps organisations protect against data breaches by requiring them to demonstrate compliance with the key points of the General Data Protection Regulation (GDPR), as identified in the NHS GDPR Checklist, as well as with the guidelines of other frameworks, such as the Data Protection Act 2018 and ISO 27001. This, in turn, reduces the likelihood that patients will withdraw their consent for sharing personal information with such organisations. A higher level of accountability raises public confidence that the NHS and its partner organisations can be trusted with confidential data.
The purpose of the DSPT is to demonstrate to these people and the people you work with – GPs, NHS services, commissioners, regulators – that your organisation can be trusted to handle confidential patient data appropriately and securely. The field of data privacy and confidentiality is a growing area of interest to organisations as people are becoming more aware of their data protection rights. The keywords here are: accountability and compliance. This is why annual or semi-annual completion is mandatory. The 10 security standards are designed to address basic cyber vulnerabilities and to ensure that attacks such as WannaCry can be better prevented in the future.

As data security standards are constantly changing, the DSP Toolkit and its requirements are reviewed on a regular basis and updated to ensure they are always aligned with current best practices. These standards were formulated as a response to the WannaCry ransomware attack, which took place in 2017 and affected several organizations around the world – including NHS trusts. All organizations in the healthcare sector – from NHS trusts to nursing homes to GPs – must complete the DSP Toolkit annually (or twice a year for larger organizations) to measure their level of compliance with the data and information governance requirements, as stipulated by the Department of Health and Social Care, in particular the 10 Data Security Standards set out by the National Data Guardian.

statements) which are again divided into 179 evidence items (sub-questions).

Posting on LinkedIn today Sarah Lambie, Traineasy's Director of Business Development said, "After a lot of work (100 mandatory evidence items provided and 40 assertions confirmed) we can now show compliance with NHS Digital's Data Security and Protection Toolkit."

The Data Security and Protection Toolkit (DSPT), provided by NHS Digital, is a free online self-assessment questionnaire based on the 10 Data Security standards.
Having been compliant with the Toolkit's predecessor (the NHS IG Toolkit) and as a significant supplier of learning management and online appraisal solutions to the NHS in England, Traineasy's technical and senior management teams embarked on the task to demonstrate that the organisation's policies, practices and processes together show that Traineasy meets the National Data Guardian's standards.

NHS Digital's Data Security and Protection Toolkit is a detailed online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. The National Data Guardian’s 10 data security standards relate to personal confidential data, staff responsibilities, training, managing data access, process reviews, responding to incidents, continuity planning, unsupported systems, IT protection and accountable suppliers.