Data Security & Protection (DSPT)

CQC now expect a compliant DSPT assessment in line with their well-led quality statements regarding Governance, Management and Sustainability, and are now asking for it during inspections. If you have never published it or if you have not republished your assessment in the last 12 months, contact or call 01707 708018 for free support to complete it.

As part of the Better Security, Better Care programme, HCPA has been funded by NHSX to provide FREE support to Care Providers in Hertfordshire and Essex with completion of their DSPT.

The DSPT is an annual online assessment of your Data Protection & Cyber Security practices. As a care provider you need to ensure that you manage personal data securely within GDPR.

This assessment will take you through the necessary aspects of data compliance, mitigate the risk of disruption and financial and reputational repercussions from data breaches and cyber attacks and ensure best practice.

Once you have published the toolkit, you provide confidence to your service users and their families that you have met the required standard and are continuing to review and improve your data management and they can trust you to handle and process their personal data securely and appropriately.

Completion is a requirement to take advantage of key NHS systems and data initiatives, which save time and streamline processes.

  • NHSmail
  • Online Medication Ordering
  • Digital Social Care Records (DSCR)/Digital Transformation Fund
  • SystemOne
  • Hospital discharge information

It is also a requirement for delivering NHS contracts and for some local authorities.

What can the DSPT Team do for you?

  • Ensure you are compliant with Data Security law
  • Support completion of your Data Security & Protection Toolkit (DSPT)
  • Offer individual sessions to work through Toolkit questions
  • Share policy templates & guidance
  • Ensure you have mapped where you hold data
  • Ensure you are sharing Data legally
  • Help you meet Data management requirements for NHSmail and Online Ordering (Proxy Access)

Want to contact us for assistance or book a 1:1 session?


Call: 01707 708018

Alternatively, you can book onto any of our workshops

    • Awareness of DSPT and other NHS free digital initiatives
    • DSPT Introduction
    • Lite Bites (half hour sessions to fit into your busy day)
      • IAR/ROPA
      • Policies
      • Staff Training
      • CQC Expectations
      • Cyber Security

      Book a workshop


You can access guidance and pre-recorded videos in your own time covering how to register, how to complete and publish the assessment and how to republish plus there is lots of other useful information.  This can all be found via this link: Digitial Care Hub Guidance

How to get started

Single Site?
If you are completing as a single site, you will need your Organisation Data Service code (ODS code) and an email address to register.

Multi site?
If you are part of a large organisation the DSPT can be completed at Head Office/Parent level, but only if all processes and procedures are the same across all sites AND all sites are linked to the same Head Office/Parent code. Register using the Head Office/Parent code. Once complete the status will filter to all linked sites.

If this is the case, register using the HO code, once complete the status will filter to all linked sites.

Where processes & procedures differ, each site will need to register individually.

Register at

Don’t know your ODS/HO code? Search here

Problems with logging in?

DSPT (Exeter) Helpdesk (for account queries):

Telephone: 0300 303 4034


Want to contact us for assistance or book a 1:1 session?

Telephone: 01707 708018