As most health and social care organisations will be aware, the Data Security and Protection (DSP) Toolkit replaced the Information Governance (IG) Toolkit from April 2018 as the compliance standard for any organisation looking to access NHS networks.
Although the Toolkit portal is now live, not all organisations are able to register to complete this. NHS Digital is offering a staggered rollout to avoid overwhelming the portal and allow for live changes to be made based on submission feedback.
Select organisations that submitted their IG Toolkit version 14.1 early have been granted access, with the next phase of registration due shortly.
What can you do now to comply?
Although the deadline for completing the DSP Toolkit is March 2019 (with a baseline submission due for some organisations in October 2018), organisations need to start planning now to minimise their compliance cost.
The Toolkit has many of the same requirements as the EU General Data Protection Regulation (GDPR) and includes the incident response and business continuity capabilities as defined in the Directive on security of network and information systems (NIS Directive).
To reduce the cost of achieving compliance and maximise the impact of their activities, organisations should coordinate their compliance programmes to implement strategies that achieve the common elements of all three regulatory/contractual requirements.
Although access to the live portal is restricted, IT Governance’s healthcare experts have been a part of the testing phase of compliance submission. As a result, we have developed a number of solutions specific to the new Toolkit’s requirements, which can be combined with GDPR solutions to create a comprehensive compliance programme.
DSP Toolkit Gap Analysis
More information on the challenges affecting healthcare is available on our website, as well as in the cyber security brochure and cyber resilience green paper available to download for free below.
|Cyber Security in Healthcare|
Come and meet us
IT Governance is involved in various educational events in the run-up to the GDPR deadline:
- Dementia Care & Nursing Home Expo
- 25–26 April 2018, NEC Birmingham
- Find us at stand #10022
- IT Governance’s Shaun Beresford will be discussing ‘The Impact of the General Data Protection Regulation (GDPR) and Initiating Compliance’ on 25 April 2018, 3:30–4:00 pm
- Global Cyber Security in Healthcare & Pharma Summit
- 3–4 May 2018, Radisson Blu Edwardian Heathrow, London
- Find us at stand #3
- IT Governance’s Alan Calder will be discussing ‘Implementing a cyber resilient strategy and sustaining compliance with the GDPR and NIS Directive’ on 3 May 2018, 12:30–1:00 pm.
If you are attending one of these events, please contact email@example.com to arrange a short meeting during one of the breaks to discuss tailored solutions based on your organisation’s needs.