Better Security, Better Care (DSPT)
This offer of support is part of the Better Security, Better Care programme, funded by NHSX to support data and cyber security across the adult social care provider sector.
Contacts for further support:
SCA DSPT Team: Phil Ellis Martin, Alan Willmott & Lisa Mack.
Email Address: surreydspttoolkit@gmail.com
Tel: 07547 159443
What do I do next?
The DSPT has been criticised as being too technical and difficult to understand, so many of the questions have been simplified or updated to reflect the world we work in at the moment (eg using more mobile devices) or have been removed all together. As you have published the DSPT before at Standards Met, this should not take you too long to do. You will need to sign into your DSPT account and answer the new questions.. Any questions that have not been changed from the previous version will have your answers carried over. Once you have answered the new questions and confirmed each section (remember you only need to complete those marked ' Mandatory') you can republish the toolkit for the coming year.
Read more
Read more
The Entry Level DSPT standard was withdrawn on the 1 March 2021 and replaced by a new 'Approaching Standards' level. Approaching Standards requires more work than Entry Level. We recommend that all Care Providers currently at Entry Level work towards completing the DSPT to Standards Met, particularly if you have an NHS Mail account. You have until the 30 June 2021 to do this. The DSPT Toolkit was updated on the 1 December and many questions have either been removed, rewitten or simplified. We are here to support you with this.
Read more
Read more
The DSPT is an online toolkit which you are required to complete if you have access to any NHS data systems (including NHS Mail). As we increasingly work in a digital world the NHS intends to further open its systems to Adult Social Care providers. By having access to the NHS's digital systems it will transform the way we deliver care but in order to do this, providers must be able to demonstrate that they have adequate Data Protection policies in place. This is where the Toolkit comes in.
Read more
Read more
What is the DSPT?
Guidance on how to complete the DSPT
- DSPT Getting Started Guide
- Registration guidance
- Standards Met guidance
- Video guides for completing the DSPT
- Getting Started Webinar recordings
Action Plans to help you complete the DSPT
- DSPT Action Plan - Data Security
- DSPT Action Plan - IT Systems and Devices
- DSPT Action Plan - Policies and Procedures
- DSPT Action Plan - Staffing and Roles
- Organisation profile questions – Guidance for social care organisations
Templates
Sign up to the latest information from Digital Social Care here.
Many of you may well have had a 'reminder' email from the national team to advise you that the updated Data Security and Protection Toolkit (DSPT) for 2021-22 is now available and organisations can complete their assessment. If you want to get a head start while your local regional team is in place and funded, please join us at one of these sessions.
Christmas Specials
Tuesday 14 December - 14:00 - 15:00hrs
BOOK HERE
There is so much going on, especially over this festive period, that it is easy for people to let their guard down over data and cyber protection and security. The friendly elves from the DSPT team are here for understandable help, advice and support.
The Twelve Days of Cybersecurity Christmas
TIP 1 - You are a target to hackers
-
Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial well-being. Cybersecurity is everyone's responsibility.
TIP 2 - Keep software up-to-date
-
Turn on Automatic Updates for your operating system. Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates.
TIP 3 - Avoid Phishing scams - beware of suspicious emails and phone calls
-
Be suspicious of any official-looking email message or phone call that asks for personal or financial information.
TIP 4 - Practice good password management
-
We all have too many passwords to manage - and it's easy to take short-cuts, like reusing the same password.
TIP 5 - Be careful what you click
-
If attachments or links in the email are unexpected or suspicious for any reason, don't click on it.
TIP 6 - Never leave devices unattended
-
The physical security of your devices is just as important as their technical security. If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it. For desktop computers, lock your screen or shut-down the system when not in use.
TIP 7 - Safeguard Protected Data
-
Be aware of Protected Data that you come into contact with and its associated restrictions. Securely remove sensitive data files from your system when they are no longer needed. Always use encryption when storing or transmitting sensitive data
TIP 8 - Use mobile devices safely
-
Considering how much we rely on our mobile devices and how susceptible they are to attack, you'll want to make sure you are protected.
TIP 9 - Install antivirus/anti-malware protection
-
Only install these programs from a known and trusted source. Keep virus definitions, engines and software up-to-date to ensure your programs remains effective.
TIP 10 - Back up your data
-
Back up regularly - if you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and re-install the system.
TIP 11 – Training and Awareness
-
Staff training and awareness is equally important as having the relevant technical security in place. Staff should feel comfortable questioning anything which feels suspicious, even if it turns out to be legitimate.
TIP 12 – Plan
-
Plan for an attack - identify your critical assets and have a response plan.