Data Security and Protection Toolkit: updated for social care providers
Adult social care providers now have access to an updated tool to check if they are practising good data security and handling personal information correctly.
The Data Security Protection Toolkit – and accompanying guidance – have been reviewed to make them more relevant, practical and easier for care providers to use.
The online self-assessment tool enables organisations to measure and enhance their data and cyber security performance, and publish a statement demonstrating the standard of security that they have reached on an annual basis.
Following feedback that the language, policies and procedures referred to within the toolkit were too technical and NHS-focused, it has been updated in consultation with social care providers.
The update, which was undertaken jointly by NHS Digital and Digital Social Care, included rewording questions and the addition of explanatory notes, tips and examples. The accompanying guidance – developed by Digital Social Care – has also been completely updated and users can now link directly from questions within the toolkit to relevant sections of the guidance, useful templates, legislation and national policy.
The coronavirus crisis has clearly shown how crucial it is to share information rapidly between health and care providers: knowing someone’s status is essential to supporting and protecting people using services, and staff. But data sharing must be done securely. These improvements to the Data Security and Protection Toolkit will enable more care providers to assess and improve their data security systems.
The updates have been well received by the sector with care providers involved in testing the new version of the toolkit saying:
“This feels so much better than the old version. I feel more confident about completing it and it’s great that it shows you how to fix any gaps you have… this feels doable.”
“The links that have already been put together as a template to help along the way is very helpful to save looking through all policies and legislation.”
By successfully using the toolkit on an annual basis, care providers can demonstrate that they are: complying with data protection legislation; meeting Care Quality Commission standards (KLOE W2.8); and able to safely access NHS patient data and systems (including NHSmail and Microsoft Teams). Local authority and healthcare commissioners are also increasingly asking for evidence of successfully meeting the standards within the toolkit.
Care providers are encouraged to register with the toolkit as soon as possible, even if they do not start to complete it immediately. (See webinar recording on How to register).
Organisations who are already using the toolkit should continue to do so. Their existing entries have been transferred to the new version.
A local and national support programme – Better Security, Better Care – enables all care providers to register and use the toolkit. Further support, as well as some minor structural changes within the toolkit will be announced shortly.