What Is The NHS Data Security & Protection Toolkit?

The NHS Data Security & Protection Toolkit is an NHS-operated tool that allows organisations handling sensitive patient data to self-assess themselves against the 10 Data Security Standards issued by the National Data Guardian. The toolkit also requires organisations to declare their compliance and offer a transparent public statement to this effect.

It is imperative that all organisations handling sensitive patient information use the Data Security & Protection Toolkit to thoroughly assess their data security efforts & ensure effective data protection measurements are in place.

How We Can Help

We can assist you with the requirements of the DSP toolkit and we’ll help ensure that your organisation is structured how it needs to be for the assessment.

We offer the following services:

Audit Service
Submission Service
Security Testing Service

Who Should Complete It

The NHS Data Security & Protection Toolkit serves as an annual requirement for organisations wishing to access (or continue to access) sensitive NHS data. Whether you’re working directly under the NHS – or simply serving as a third party supplier to NHS organisations – it’s essential your organisation is fully-compliant with the Data Security & Protection Toolkit. 

Larger trusts or hospital groups may also be required to complete the toolkit bi-annually to ensure ongoing compliance.

Organisations that are required to comply with the NHS Data Security & Protection Toolkit are grouped into the following four categories:

The National Guardian's 10 Data Security Standards

The NHS DSP (Data Security The National Data Guardian’s 10 Data Security Standards are grouped under three distinct leadership obligations to address people, process and obligations:




When Is The Deadline?

The deadline for completing the DSP toolkit is 31st March, although it can be submitted at any point in the year. (If you are an organisation that is required to complete it twice a year, deadlines will be 31st March and 31st October). It is recommended that you get the DSP toolkit submitted as soon as you have the information ready rather than wait for the deadline to avoid unnecessary rush and potential shortcomings.

We Have Experience In The Following Sectors:

Education Schools and Colleges
Finance and Insurance
Legal and Professional
Medical and Healthcare
Software and Technology
Retail and eCommerce
Charities and Not-for-profit
Professional Sports
Transport and Logistics

Why Choose Bruce & Butler As Your NHS DSP Toolkit Specialists?

Bruce & Butler are committed to providing unmatched assistance in ensuring your organisation achieves full compliance with the NHS Data Security & Protection Toolkit. Our specialist team of data protection experts hold industry-recognised certifications, including CREST and OSCP. This is combined with decades of cyber security experience across a wide range of sectors. 

We’ll work closely with you to identify the unique requirements and facets of your organisation, before ensuring full compliance with the NHS DSP toolkit in a comprehensive and cost-effective manner.

Get in touch with us today to learn more about how our NHS Data Security & Protection Toolkit services can safeguard your organisation.