0203 3013384
SUPPORT

NHS Toolkit audit and support

_0000_2560px-Macmillan_Cancer_Support_logo.svg
_0012_rhodes
_0018_Boxpark_LOGO
_0010_reigate_and_banstead_borough_council
_0013_SWAST
_0015_RDUH
_0014_Bristol-Airport-logo
_0003_Exeter Chiefs
_0001_Maidstone Borough Council
_0002_Birmingham Airport

overview

Ensure Compliance
with our NHS Toolkit Audit (DSPT) Support

Are you required by the Department of Health and Social Care to complete the NHS Data Security and Protection toolkit (DSPT)? Do you need help with your DPST submission? Perhaps you are looking for an organisation to audit your work before you post your submission. 

At DPAS we offer tailored consultancy support that is specifically designed to meet the unique needs of your organisation. Our consultants will work closely with you to assess your current data protection practices and identify any gaps or areas that require improvement before your submission. We’ll guide you through each requirement of the DSPT, helping you develop robust policies and procedures to ensure compliance. We’ll help you understand the toolkit’s requirements in simple terms, provide practical guidance, and assist you in implementing the necessary measures to meet the standards. 

If you’ve already completed the DSPT ready for submission, we can audit the work you’ve done to ensure the the submission will meet the standards. By using a specialist consultancy, like DPAS, you can ensure that your DPO and IG teams can continue with business as usual. 

GET IN TOUCH

nhs toolkit audit and support

On top of an already demanding workload, we had a new system integration, a merger to form a new Trust, and the impact of Covid to deal with. DPAS really helped to take the pressure off by helping with complex SARs, and DPIAs. Having no idea how many SARs you may receive, having the ability to flex by using additional resources can be quite useful. Knowing I can rely on Charlotte’s support with DPIAs and data sharing agreements, really takes the pressure off. It is really helpful, having someone that can take the time out to review requests.

rhiannon platt

royal devon university healthcare NHS FOUNDATION TRUST

Benefits

  • Expert guidance

Our experienced data protection consultants possess in-depth knowledge of data security and data protection regulations, that coupled with experience dealing with submissions on behalf of the NHS Trusts means you are in good hands. Giving you confidence in completing the DSPT, and allowing you the time to focus on other business activities. 

  • flexibility

You can adjust the level of support you receive based on your organisation’s needs, which can be especially valuable during times of growth or change. We can provide support with minimal disruption to your organisation.

  • Save time and resources

Completing the NHS toolkit can be time-consuming, especially if you’re unfamiliar with the process. Our consultancy service streamlines the completion process, saving you valuable time and resources. We’ll handle the complexities, allowing you to focus on your core operations. 

  • Reduced Risk

Data protection regulations are constantly changing and evolving. When you outsource an audit and/or support for the DSPT, you can rely on the expertise of your service provider to stay up to date on the latest regulations and ensure that your organisation is compliant, and therefore have a comprehensive understanding of the associated risks. 

  • COST SAVINGS

Your organisation can tailor the support based on where there are gaps in compliance within the DSPT. Outsourcing this support reduces the need to develop resources, capacity, and capability needed to improve compliance which can result in significant cost savings for your organisation. 

  • improved focus

Using an external provider to provide tailored support and an audit (if required) of the DSPT allows you to focus on your core business activities, whilst having the peace of mind that compliance is being managed by the experts. This can improve overall efficiency and productivity within your organisation. 

  • ACCESS TO EXPERTISE

You will gain access to a team of experts who have specialised knowledge and experience in data protection and in particular the DSPT. This can help ensure that your organisation is complying with all relevant data protection regulations and best practices regarding the Mandatory requirements for the DSPT. 

  • No Conflict of Interest

Using DPAS ensures a fresh pair of eyes on your organisations processes and an independent assessment to ensure you are compliant with the DSPT’s requirements. You also are assured that the audit and/or support will not be subject to internal conflicting decision-making. 

What's Included?

The scope of the DSPT includes the following requirements that we can provide support for:

    • Creation and/or review of your policy suite to ensure you have the relevant data protection and information security policies and procedures in place notably an acceptable use policy and procedures.
    • Review of your data breach reporting and monitoring to minimise the risk of recurrence.
    • Creation and/or review of data breach/incident log and supporting documents if gaps are identified.
    • Creation and/or review of Records of Processing Activities (ROPA), Risk Register and Information Asset Register (IAR).
    • Review your Individual Rights compliance including Subject Access Requests (SARs) and support compliance where required if gaps are identified.
    • Review your NHS National Opt-Out compliance.
    • Review and/or complete an annual training needs analysis.
    • Review and/or develop role-based training for staff who need a greater understanding of data protection and information security e.g., IT Administrators.
    • Review training and awareness compliance (at least 95% of staff, directors, trustees, and volunteers must complete data protection and cyber security training annually).
    • Review and/or complete a ‘Supplier Assessment’ including a review of all contracts, creating a supplier list with contact details, etc.
    • Review and assist (if required) with a list of all staff (and volunteers if applicable), and their current roles to ensure it meets the requirements.
    • Review and/or develop cyber security/data security protocols and procedures including access control management procedures and password management protocols and procedures.
    • Review and/or develop your business continuity and disaster recovery plan including a procedure for testing the data and cyber security aspects of its business continuity plan.
    • Support through Cyber Essentials Certification.

The report created during the audit and support can be used within your board meetings to demonstrate your commitment to the importance of data protection and individual’s rights as well as demonstrate compliance with the DSPT.

Monthly updates on ICO guidance. Bi-weekly data protection bulletins.

Access via our online portal to a full suite of free templates, tools, policies, and more.

Meet Our Team Of DPO's & CONSULTANTS

Nigel Gooding

Chief Data Protection Officer

Natalie Bennett

Head of Data Protection Consultancy

Charlotte Bolt

Senior Data Protection Consultant

kunbi adekunbi

data protection consultant

lauren durham-hutchins

data privacy officer

gary o'reilly

legal counsel Consultant

WE WORK WITH FTSE 100s Multi-National Organisations Schools Universities Councils Local Governments Agencies NHS Trusts GP Practices Retailers Charities Multi-Academy Trusts Housing Associations Ambulance Services Insurance Companies Sporting Associations Airports Retail Companies Hospitality Businesses

Book Your Call
REQUEST A QUOTE
"WE HAVE RECEIVED FANTASTIC SERVICE, DELIVERED BY A GREAT TEAM WHICH HAS MADE A HIGHLY COMPLEX PROJECT EASY TO DIGEST"

- We decided to use DPAS because we felt that they were a good fit for the BOXPARK brand being a boutique data protection advisory company. Since the commencement of the project we have received fantastic service, delivered by a great team which has made a highly complex project easy to digest. They hit every deadline and continue to provide us, and our team, with easy to understand data protection advice and support.
Matthew CarterBOXPARK
Matthew Carter
"I WAS EXTREMELY RELIEVED TO FIND THE FRIENDLY TEAM AND EXCELLENT SERVICE AT DPAS"

They went out of their way to support me in a short timeframe, not only to fulfil my data privacy criteria - which included more complex special category data processing - but also with trusted legal support, which - being all under one DPAS roof - was easier to access and significantly more time and cost effective
Kate Shepperd-CohenMENSTRUAL SUPPORT SERVICE
Kate Shepperd-Cohen
"DPAS' APPROACH WAS THOROUGH, EFFICIENT AND REMARKABLY UNOBTRUSIVE FROM AN OPERATIONS PERSPECTIVE"

We enlisted DPAS to help with our journey to gdpr compliance as we didn't have the resource and skills available within our team. DPAS' approach was thorough, efficient and remarkably unobtrusive from an operations perspective. Post completion of the project, we not only had a clearer idea of the risks and issues that attend GDPR compliance directly, but also managed to tidy up in house data processing to ensure we are more efficient as a business.
Giles Squirrel TEIGNMOUTH MARITIME SERVICES
Giles Squirrel
"DPAS REALLY HELPED TO TAKE THE PRESSURE OFF BY HELPING WITH COMPLEX SARS, AND DPIAS"

On top of an already demanding workload, we had a new system integration, a merger to form a new Trust, and the impact of Covid to deal with, DPAS really helped to take the pressure off by helping with complex SARS, and DPIAS. Having no idea how many SARs you may receive, having the ability to flex by using additional resources can be quite useful. Knowing I can rely on Charlotte's support with DPIAs and data sharing agreements, really takes the pressure off. It is really helpful, having someone that can take the time out to review requests.
Rhiannon PlattROYAL DEVON UNIVERSITY HEALTHCARE
Rhiannon Platt
"LEGAL SUPPORT, WITH AN ETHICAL AND PRAGMATIC TWIST"

Bristol Airport have worked closely with DPAS for several years - they have been instrumental in providing services helping us to deliver transformative projects across our Airport.
Kate Maddock-Jones BRISTOL AIRPORT
Kate Maddock-Jones
"FROM OUR EXPERIENCE, EVERY ONE OF THE TEAM ARE KNOWLEDGEABLE AND EXTREMELY COMPETENT"

DPAS have been hugely helpful in recent years in ensuring that SWAST are doing our best and continuing to comply with information governance best practice and compliance. From our experience, every one of the team are knowledgeable and extremely competent. We have benefited from a range of services from DPAS and specifically acting as our Data Protection Officer, offering training, advice and adding to our Information Governance capacity which was welcome and much needed.
Tim BishopSWAST
Tim Bishop
"WHEN WE WENT TO THE MARKET, DPAS IMPRESSED US WITH THE BREADTH AND DEPTH OF THE SERVICES THEY OFFERED"

We were looking for an independent review and audit of our data processing activities and policies across the Rhodes Trust and our partner programmes. When we went to the market DPAS impressed us with the breadth and depth of the services they offered. We are a relatively complex organisation, the DPAS team quickly understood how the our work fits together, and throughout the audit process I’ve appreciated the expertise of each member of the team that we’ve worked with. Their advice throughout has been reassuringly thorough, pragmatic and tailored to our needs.
Matthew TreavisRHODES TRUST
Matthew Treavis
"WE ARE VERY HAPPY WITH THE HIGH STANDARDS OF SERVICE RECEIVED "

The University of Exeter Students’ Guild were keen to ensure we were delivering our GDPR commitment on time and on track. We therefore needed a qualified Data Protection Officer to monitor our progress, provide assurance that we were on the road to compliance and maintain the role going forward. We sourced Data Privacy Advisory as they were local and have 20 years Data Protection experience. WE ARE VERY HAPPY WITH THE HIGH STANDARDS OF SERVICE RECEIVED and the training provided was not only delivered professionally but completely tailored to our business type. I highly recommend Data Privacy Advisory if you have GDPR worries or you are considering having a Data Protection Officer look after your organisation.
Mark JohnsonUNIVERSITY OF EXETER STUDENTS GUILD
Mark Johnson
"A GREAT, RELIABLE SERVICE WHEN WE NEED IT MOST "

DPAS provides us with excellent, responsive advice when we need to supplement our in-house resource – a great, reliable service when we need it most.
Carys JonesRBBC
Carys Jones
Previous
Next

WHY OUR
CUSTOMERS
CHOOSE US

WHAT MAKES US DIFFERENT

Easy to understand data privacy and information security services that are always accessable, consistenty pragmatic and continually exceeding expectations.

  • eXPERTISE

Keeping on top of the changing DSPT criteria can be a challenge in itself. By outsourcing to an expert consultancy like DPAS, you can feel confident that you have the resources and expertise to ensure your submission is of a high standard.Having a consultant on hand, whether it is for auditing or completion of the DSPT, will allow you to be confident that you have effectively evidenced the DSPT standards.

  • flexibility

At DPAS we pride ourselves on our pragmatic approach, allowing you to be in control of how much support you require, and how that is scheduled. This allows you to work with as little disruption as possible, and make working with a consultant as smooth as possible. 

  • confidence

Choosing an expert data protection consultant means you can feel confident in your DSPT submission. Freeing up time for your team to continue with business as usual, without the stress of the looming submission deadline. DPAS has worked tirelessly to ensure that we constantly exceed our clients expectations. 

  • Access to Free Resources & Support

DPAS understands the budget restraints within the NHS, we therefore provide bespoke, and flexible, options to ensure that you can feel supported whilst remaining within budget.

  • iNDUSTRY EXPERIENCE

We have a wealth of experience delivering data protection and information security projects and training, to public, private, and third sectors. We understand that each organisation faces its own challenges, and always provide tailored solutions to meet your specific requirements.

sign up

Want to receive a copy of our monthly Data Protection newsletter and news from the DPAS team?

Footer logo

Helping organisations access the value of their data, create a vision, embed the change and build the future.

QUICK LINKS

WHAT WE DO

COMPANY POLICIES

contact info

Book Your Call

Please note all information on this website is for your help and guidance. It should not be regarded as an authoritative or definitive statement of the law.

©2019 Data Privacy Advisory Service Ltd. ALL RIGHTS RESERVED

Website Development by GSL Media