This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

IG Toolkit Compliance

The NHS’s IG (Information Governance) Toolkit was superseded by the DSP (Data Security and Protection) Toolkit in April 2018.

Compliance with the DSP Toolkit is mandatory for organisations that access the HSCN (Health and Social Care Network), which replaced N3 in 2017.

The deadline for completing the DSP Toolkit is 31 March 2019, although larger organisations must complete their submissions by October 2018.

The DSP Toolkit requires organisations to demonstrate that they are implementing the ten data security standards set out by the National Data Guardian and the requirements of the EU GDPR (General Data Protection Regulation).

If your organisation is yet to comply with the GDPR, IT Governance has developed a GDPR checklist in line with NHS Digital guidance to help you understand and plan what you need to do to comply with the Regulation. 

In addition to the more stringent requirements, the CQC (Care Quality Commission) will inspect DSP Toolkit submissions as part of its ‘key lines of enquiry’ (KLOE); an organisation’s rating will reflect its level of compliance with the toolkit.

Download our free DSP Toolkit and NIS Regulations green paper

For further information on the changes that the DSP Toolkit introduces and why you should consider streamlining your DSP Toolkit and NIS Regulations (Network and Information Systems Regulations 2018) compliance projects, download our free green paper ‘DSP Toolkit and NIS Regulations – The impact for healthcare organisations'.

IG Toolkit v14.1 transition service

If your organisation has achieved compliance with IG Toolkit v14.1, IT Governance is developing a transition service to help you update your practices to meet the additional requirements of the DSP Toolkit.

Speak to an expert about the IG Toolkit transition service >>

Preparing for DSP Toolkit compliance

If you are beginning your DSP Toolkit compliance journey alongside other regulatory obligations, such as the GDPR, you can streamline your compliance activities to avoid duplication and ultimately save money.

Additional compliance services

The DSP Toolkit recognises that certain certification schemes surpass the requirements set out in its mandatory assertions.

Cyber Essentials Plus certification achieved in the 12 months before a DSP Toolkit submission and ISO 27001 certification both drastically reduce the evidence items and workload associated with a DSP Toolkit compliance submission. 

For more information or to discuss how to plan a compliance programme around these schemes, speak to a healthcare expert.

“Today we had our approval notification and can proceed with our business plans with NHS authorities; it’s fair to say we couldn’t have achieved it so quickly on our own!”

Jayne Watkins, Quality Education Solutions

Speak to a healthcare expert

For further information about our DSP toolkit products and services, get in touch with a member of our healthcare team using one of the contact methods below.