Data Security and Protection Toolkit (DSPT) Compliance
A huge thank you to all providers who published their Data Security and Protection Toolkit (DSPT) for the 24/25 period. The national compliance for DSPT sits at 76% while Somerset is significantly higher, at 83.7%.
DSPT Changes
The upcoming 25/26 DSPT will not have any major changes. However, the 26/27 DSPT is likely to see a major overhaul and move toward the Cyber Assurance Framework (CAF). The CAF is designed to bring a comprehensive approach to assessing the extent in which cyber, information governance risks and other essential functions are being managed.
The CAF has recently been rolled out to large NHS settings, and outcomes from that will be fed into the future CAF framework.
It is difficult to give any specific guidance about how the CAF will change the current DSPT, but it appears the core questions in DSPT will remain similar. You will likely be asked to confirm that you meet the standard and provide a supporting statement and evidence.
While the next DSPT submission will not change, it would be prudent to keep the higher standards of the CAF in mind for your next DSPT submission. Ask if you can actually demonstrate compliance with questions you’re answering.
If you have any questions, please contact Daniel Plummer at daniel.plummer@rcpa.org.uk
Data Security Health Checks
Following on from the successful pilot that RCPA participated in earlier this year, Data Security Health Checks will soon become a part of the wider DSPT support offer. The process has been refined since the pilot and aims to fully roll out to all providers from late September.
The health check is a process that will review and provide feedback on your data security. RCPA’s Daniel Plummer will visit you and discuss the core concepts from DSPT, but also Cyber Essentials and wider data governance. Following the visit, a report will be written highlighting areas that you’re excelling at and other areas that may require some improvement.
The Health Check will now also include a simple cyber security technical assessment that will review your Windows system’s cyber security.
RCPA is currently looking for one provider to volunteer to help test the new Health Check format and technical assessment.
If you are interested in a free Data Security Health Check, please contact Daniel Plummer at daniel.plummer@rcpa.org.uk
Caldicott Volunteer
Digital Care Hub’s Katie Thorn is looking for a volunteer to speak during the upcoming Caldicott Guardian Network meeting on July 31st. Katie would like a Caldicott Guardian who works within an SME, and ideally not a registered manager, to speak about their experience of being a Caldicott Guardian and any tips they might have for new Caldicott Guardians.
RCPA’s Daniel Plummer will be sharing his journey on becoming a Caldicott Guardian.
If you are interested in participating, please contact Daniel Plummer at daniel.plummer@rcpa.org.uk
Five-Minute Cyber Reality Survey
Digital Care Hub and Lancaster University are mapping everyday cyber-security realities in adult social care. The Survey is aiming to see what a cyber response support system could look like in social care.
Please could you complete this short survey – Click here to access
The survey can be completed by any member of staff within a care organisation. Please share this survey with everyone within your workforce.
Events
Digital Care Hub hosted events:
- Caldicott Guardian Learning Network –
Thursday 31st July 12:00 – 13:00 – Click here to book
- Getting Ready for Windows 11: A step-by-step Transition Guide –
Tuesday 2nd September 14:00 – 15:00 – Click here to book
- Practical DSPT: IT Systems & Devices –
Tuesday 9th September 14:30 – 15:30 – Click here to book
Other online events:
- Heimdal Threat Watch Live –
Tuesday 29th July 10:00 – 11:00 – Click here to register
Adam Pilton (Ex-cyber detective) hosts a monthly cyber security threat watch that looks at the current cyber threats and presents them in a clear and accessible way.
In-person events:
- Cyber Escape Room – hosted at Edgar Hall, Somerton during the afternoon session of the Somerset Displaced Workers and Care Providers Network; September 16th 13:00 – 14:30 (displaced workers forum is the morning session) – For more information Click here or to book a place email admin@rcpa.org.uk
Avon and Somerset Police will be hosting a cyber security escape room where you will solve puzzles and challenges based on real world risks. This interactive, gamified learning experience will raise your awareness of cyber threats and tips to take back to your own organisation.
- South West Regional Cyber Crime Unit Leaders Conference hosted at Taunton Conference Centre – September 18th 10:00 – 15:00 – Click here to register (free)
SWRCCU Leaders Conference brings together non-technical senior leaders and managers from South West organisations and helps them to become more resilient to the prevalent threat from cybercrime.
