Since 31st July 2022, all providers that receive public funding for the services they provide must comply with the National Data Opt-Out. All providers must check if they process confidential patient information for purposes other than care delivery and update their policies and privacy notices to reflect the National Data Opt-Out.
Care providers must complete the Data Security and Protection Toolkit at least once a year to ensure it reflects their current data and cyber security arrangements.
There have been some changes since the 2021-22 version was issued.
The changes to the DSPT include:
· Care providers must demonstrate compliance with the National Data Opt-Out and include a link to their published compliance statement.
· Some question numbers have changed, but your previous answers will remain and can be saved and copied to the new question number.
If a care provider has stated that they are Approaching Standards on previous submissions, the action plan implemented should be completed to achieve a Standard Met Assessment status.
If they already have a Standard Met status, the review will not take long to republish, but we recommend that you check the responses to see if they need to be updated. Some questions are mandatory, and these need to be answered correctly.
The Swift Management team is happy to assist providers to ensure their action plans are robust if required and that submissions are made correctly.