Data Security and Protection Toolkit

As data security standards evolve, the requirements of the Data Security and Protection Toolkit are reviewed and updated to ensure they are aligned with current best practice.

This means that each year we are required to submit our annual assessment so that our processes and procedures are reevaluated. In December we published our 2023-24 NHS Standards Exceeded Data Security and Protection Toolkit assessment to renew our accreditation performance.

WHAT IS THE DATA SECURITY AND PROTECTION TOOLKIT?

The Data Security and Protection Toolkit allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. Any organisation that has access to NHS patient information must provide assurances that they have the correct measures in place to keep this information safe and secure.

Completion of the DSPT is a contractual requirement specified in the NHS England Standard Conditions contract and it remains Department of Health and Social Care policy that all bodies that process NHS patient information for whatever purpose provide assurances via the DSPT.

This framework provides NHS organisations with a detailed list of trusted, proven suppliers that come with a wealth of experience in securely processing NHS patient information for a range of services. The accreditation helps identify partners who are pre-approved in being about to support the changing market requirements and meet the standards of the market.

Since 2018 we have met the National Data Guardian’s 10 data security standards and held the highest certification at “Standard Exceeded” for this accreditation.

We are pleased to announce that we have retained our accreditation standard with our most recent assessment, with CFH being the only communications provider to hold this status.

Crown Commercial Service Supplier