How to create documentation to comply with the DSP Toolkit

The Data Security and Protection (DSP) Toolkit has superseded the Information Governance (IG) Toolkit as the standard for cyber and data security for healthcare organisations.

The deadline for completing the DSP Toolkit is 31 March 2019, although larger organisations are requested to complete their submissions by October 2018.

A quick overview of DSP Toolkit documentation

DSP Toolkit compliance requires organisations to demonstrate that they are implementing the ten data security standards, as well as complying with the requirements of the General Data Protection Regulation (GDPR):

  • Data Security Standard 1: Personal Confidential Data
  • Data Security Standard 2: Understanding your Responsibilities
  • Data Security Standard 3: Training
  • Data Security Standard 4: Managing Data Access
  • Data Security Standard 5: Process Reviews
  • Data Security Standard 6: Responding to Incidents
  • Data Security Standard 7: Continuity Planning
  • Data Security Standard 8: Managing Unsupported Systems
  • Data Security Standard 9: IT protection
  • Data Security Standard 10: Accountable Suppliers

Top tips for producing DSP Toolkit documentation

As with any management system, there are basic guidelines for creating and maintaining documentation:

  • Your documentation needs to be comprehensive – be sure to leave nothing out.
  • It should be in line with the DSP Toolkit requirements – have a copy of this beside you as you build your documentation.
  • It must be tailored to suit your organisation – often organisations will produce the bare minimum documentation that could be applicable to anyone. Remember to customise and make it your own.
  • The documentation should be made available to your staff, with varying levels of access where necessary.
  • Avoid duplication – where possible, documents should be structured to avoid the need to update information in multiple places.
  • Documents should have a standard approach using version control, change history and the same format.
  • Documents should use job titles instead of names.

Get help with your DSP Toolkit documentation

To help you produce the documentation required to comply with the DSP Toolkit, we have released the new DSP Toolkit Documentation Templates, a set of policies, procedures project tools to help you achieve DSP Toolkit compliance quickly and cost-effectively.

This comprehensive toolkit contains more than 80 critical documents you need to demonstrate that you are implementing the ten data security standards, including:

  • People documents
  • Process documents
  • Technology documents
  • Administrative documents
  • Blank meeting templates

Save 10% when you buy before the end of June >>