Our compliance programme continues this month with news of another accreditation, this time from NHS Digital.
The Data Security and Protection Toolkit (DSPT) is the officially-recognised self-assessment tool on data protection and cyber security procedures and processes for any organisation involved in adult social care in England.
Meeting the NHS Digital standards is not just concerned with the technology and digital records that Alocura’s digital systems such as Rostrata work with – it is about any information that care providers we work with hold about any person – staff, clients, funders, partners or visitors – including paper records.
By answering a series of questions, the care providers we work with can demonstrate that they are compliant with data protection legislation, the health and social care data security standards, and good practice.
Central and local government bodies, local authority and ICB commissioners, the Care Quality Commission and the National Data Guardian recognise DSPT as the official tool to evaluate compliance with legal requirements, data security standards and good practice. It’s increasingly what local authorities, ICBs and the Care Quality Commission expect to see, too.
By using the DSPT on an annual basis and reaching Standards Met we are able to…
- reassure people who use services, their families and staff that we are managing their information safely. Most people expect us to share information with others who support them – but we must do this securely and legally
- answer the Care Quality Commission’s Key Line of Enquiry questions about how we manage data securely
- demonstrate that we meet legal requirements including Data Protection Legislation and the Data Security Standards
- access key services such as NHSmail and shared care records.
Access to shared systems and NHSmail
The DSPT opens up potential access to shared systems, as the toolkit reassures NHS colleagues that care providers are operating to the same data security standards as NHS bodies. By completing the toolkit and achieving ‘Standards Met’, care providers can access the following systems:
- GP Connect
- Local shared care records
- Proxy access to GP records
- Proxy access for medication ordering
- Summary care records