Do you need help with your NHS DSP Submission?
The next Data Security & Protection Toolkit submission deadline is June 2022, and if your organisation or business has access to NHS patient data and systems then you MUST use the toolkit to provide assurance that you are offering and practising good data security and management, ensuring that all data is held, used and stored correctly in accordance with NHS and regulatory guidance.
The NHS needs to show it is asking relevant due diligence questions of its supply chain partners to protect itself when things go wrong. CCG contracts ask for DSP Toolkit submissions to be made by suppliers to the NHS. Without satisfactory submissions organisations may be in breach of their contract.
An organisation having good Cyber Security and GDPR measures in place will be better placed to provide a positive submission. We can help you and your organisation do this. Whther you are a GP surgery, Local Authority, NHS Business Partner, Charity or Dentist to name but a few.
What is the DSP Toolkit exactly?
As a Health and Social Care organisation, you collect, manage, and share sensitive data about your patients. It’s important that you have the right cyber security and data protection measures in place to protect it.
One of the ways the NHS protects data in the supply chain and carries out due diligence of suppliers is by asking organisations with whom data is shared, both directly and indirectly engaged, to provide a DSP (Data Security and Protection) Toolkit submission; formerly known as the IG Toolkit.
The DSP Toolkit is an annual, online self-assessment used to check and demonstrate compliance with cybersecurity and data protection standards. Most organisations will be required to respond to the Category 3 DSP Toolkit that consists of up to 86 questions – mandatory and optional – regarding your organisation’s state of compliance and alignment to the toolkit requirements as a contracted NHS supply chain partner.
Organisations must answer each question honestly and provide evidence of what is being done to reduce the risk of cyber-attacks and data breaches based on their data protection posture. Failure to submit the DSP Toolkit or meet the required standards could directly or indirectly result in 1) a breach or loss of contract, 2) invalidation of business cyber / breach insurance and 3) regulatory review in the case of a notifiable breach orincident between the parties.
The deadline for the delayed 2021 DSP Toolkit submission is 30 June 2022. Organisations should now be beginning to prepare the groundwork for their submission; we can support you.
Why work with Cybata on your DSP Toolkit Submission?
We’ve worked with dozens of charities and healthcare organisations. From data protection training and audits to data migration and analysis.
Our expertise in your world makes us the perfect partner to work with on your DSP Toolkit submission. After all, it’s important you get it right so that you can continue working on your existing NHS contracts, or win new ones.
Get in touch today, for a no-obligation discussion about how we can help your organisation put together the best possible submission.
Get in Touch
We would be thrilled to hear from you