The Data Security and Protection Toolkit (DSPT)


The DPO Centre can assist your organisation to complete the self-assessment process to meet the required standards set by the National Health Service Data Security and Protection Toolkit (DSPT).

What is the DSPT?

The Data Security and Protection Toolkit (DSPT) is an online self-assessment tool that organisations can complete to measure their performance against the National Data Guardian’s ten data security standards. Any organisation accessing NHS patient data is required to complete the DSPT on an annual basis and therefore demonstrate an acceptable level of compliance on an ongoing basis.

Whilst naturally applying to NHS organisations, such as Trusts and Clinical Commissioning Groups (CCGs), it also applies to many other categories of organisations across the public and private sector. Completing the DSPT is a contractual condition when working with the NHS and where you process or access NHS data.

The Toolkit provides assurance that organisations are processing personal data responsibly and practicing good data security. It is essential for all organisations to complete their submissions prior to the 31st of March each year. Depending on which (if any) data security/protection framework your organisation already employs, fulfilling the required assertions and evidence items can be resource intensive. It is therefore advisable to start reviewing your status against the criteria of the DSPT as soon as possible and therefore assist you to decide on the level of assistance you will require.


“We have received an extremely professional service from our outsourced DPO, and where needed, the rest of the DPO Centre team. The knowledge and advice provided is exceptional.”

National Healthcare Data Management Organisation

Alternatively click one of the options below to speak to us


Email Call

How the Service Works

To assist you in this process, we offer a solution which will: 

  • Assess and identify gaps in your current data security and protection practices
  • Deliver practical advice and assistance on how to fulfil the ten data security standards
  • Provide relevant documentation where necessary to enable you to meet the required standards


Depending on your specific needs, we can tailor your assessment to review the entirety of your data protection activities, or focus solely on the requirements of your DSPT submission.

Enquire Today

Fill in your details below and we’ll get back to you as soon as possible

Alternatively click one of the options below to speak to us


Email Call



Alex Aucutt-Ford

Spencer Hospitals

“Our DPO from the DPO Centre has been excellent. They are happy to answer any questions we have, and have been a great sounding board for our Information Governance team which has supported all the great work the team does. By helping to provide a clear and prioritised plan of action, our DPO has ensured that we stay on track to meet our compliance goals.”