How Accuro Passed the NHS Toolkit with Standards Exceeded

What is the NHS DSP Toolkit?

The NHS Data Security and Protection (DSP) Toolkit is a self-assessment tool, completed annually, that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

As data security standards evolve, the requirements of the DSP Toolkit are reviewed and updated to ensure they are aligned with current best practice.  Organisations with access to NHS patient data must therefore review and submit their annual assessment each year before the deadline.

The DSP Toolkit also provides organisations with a means of reporting security incidents and data breaches.

Importance of the DSP Toolkit for the NHS

All organisations that have access to NHS patient information must provide assurances that they have the proper measures in place to ensure that this information is kept safe and secure.  Completion of the DSP Toolkit is therefore a contractual requirement specified in the NHS England Standard Conditions contract and it remains Department of Health and Social Care policy that all bodies that process NHS patient information for whatever purpose provide assurances via the DSP Toolkit.

Completion of the DSP Toolkit is also necessary for organisations which use national systems such as NHS mail and the e-referral service.

Understanding the Components of the NHS DSP Toolkit

The NHS DSP Toolkit outlines specific data protection standards, with a focus on compliance with the UK’s General Data Protection Regulation (GDPR) and other related regulations.

The toolkit outlines the requirements for organisations to comply with data protection standards, emphasizing the need for current Information Commissioners Office (ICO) registration, documented information assets, transparency about data usage, and roles for key personnel such as a Data Protection Officer (DPO).

It mandates ensuring data quality and managing Subject Access Requests. Organisations must maintain updated policies, train staff regularly, and have board-level oversight of data security. Risk management, Data Protection Impact Assessment (DPIA) procedures, records management, incident management, and backup protocols are essential. Effective asset and patch management, supplier compliance, and regular security monitoring and audits are also required.

Accuro's Commitment to the NHS Data Security and Protection Toolkit

Accuro has been rated as ‘Standards Exceeded’ in a 2024 NHS Data Security and Protection Toolkit assessment. This provides assurance to those in the health and care services sector and beyond that Accuro practices strong data security and that personal information is handled correctly.

By consistently maintaining ISO27001:2022 and Cyber Essentials Plus accreditations, Accuro shows its unwavering commitment to upholding the highest standards in data security, even amid rapid growth across various sectors.

How Accuro Help the NHS

Accuro’s advanced software’s prioritise data security throughout the transcription process. From dictating via the Accuro dictation app on smartphones, to transcribers typing dictation until document return, Accuro eliminates less secure data transfer methods like email and strictly controls data access and download locations.

Typing Directly into Electronic Patient Records

Direct typing into electronic patient records (such as Cerner, Pabau, Bluespier, etc.) ensures that healthcare professionals have access to accurate and up-to-date patient information.

Medical dictations are typically accessed via VPN and typed directly into the patient’s record, keeping all data within the hospital or practice’s server and adding an extra layer of security.

Case Study: How the NHS Toolkit Helped Worcestershire Royal Hospital

Worcestershire Royal Hospital felt confident in sending digital dictation to Accuro due to their commitment to the NHS toolkit and their ‘above and beyond’ approach to data security.

Your Trusted Transcription Partner

With over 20 years of experience in the UK medical transcription service, Accuro is a reliable partner for securing sensitive information. Accuro has implemented industry-leading technical controls to ensure compliance with data security regulations, including achieving ISO27001 and Cyber Essentials Plus accreditation.

To learn more about how Accuro can support your organisation, sign up for free by clicking the button below or contact us here.

Share this post

Worcestershire Royal Hospital

Worcestershire Royal Hospital (WRH) use Accuro, trust-wide, to clear backlogs with an easy workflow solution. 

Forward thinking WRH needed a solution to avoid any dictation backlogs. 

After contact with Accuro account management, an implementation plan was actioned, including Accuro’s integration with the trust’s digital dictation system and electronic health record system. 

Accuro have supported more than 10 different services/departments at Worcestershire Royal Hospital with patient correspondence.