Data Security and Protection Toolkit

Data Security and Protection Toolkit

Providers of NHS services within England, including community pharmacy contractors, are required to give information governance assurances to the NHS each year via an online self-assessment – the Data Security and Protection Toolkit (previously called the ‘IG toolkit’).

 

Click on a heading below for more information

New 2021/22 Toolkit and guidance (updated May 2022)

PSNC has published a suite of 2021/22 guidance to assist community pharmacy contractors with completing the Data Security and Protection Toolkit for 2021/22. The Toolkit has to be completed by 30th June 2022.

New detailed guidance is available:

Toolkit guidance (2021/22) Description (2021/22)
Toolkit completion: Five steps to complete the Toolkit (overview) 2021/22 This gives a step-by-step guide to completing the Toolkit and references other materials.
Toolkit completion: Question-by-question guidance (mandatory questions) (PDF ver) 2021/22 This can be used to work your way down the Toolkit completing the mandatory questions.
Toolkit completion: Question-by-question guidance (all questions) (spreadsheet ver) 2021/22) This can be used to view or filter all the questions.
Toolkit completion: FAQs factsheet 2021/22 This provides FAQs.
Toolkit completion: Using the Data Security and Protection Toolkit’s HQ batch submission feature – step-by-step guide 2021/22 and associated Checking pharmacies linked to Parent Organisation HQ code using ODS portal factsheet 2021/22. These explain how to request the feature is set-up for you. Contractors with three or more pharmacies may benefit from using the feature. See also the ‘Batch guidance’ section of this webpage.
Data security templates Templates and policies including new ones which enable completion of the newest version of the Toolkit. All the templates have been refreshed to align with the latest toolkit and with the ongoing COVID-19 pandemic.
Data security training Training resources. Including the updated Pharmacy data security and IG training (for induction or refreshment).
PSNC’s Data security hub This hub includes resources such as: Antivirus, Backups, Data handling and Roles.

See also briefings updated in for 2021/22 completions:

 

PSNC and NHS Digital are currently updating the Data Security and Protection Toolkit (DSPTK) and related tips. Additional user testing is also planned. If you would like to get involved with this user testing, please contact it@psnc.org.uk.

NHS Digital may update contractors about the availability of the initial Toolkit version. However, contractors may benefit from holding off accessing the Toolkit until the planned improvements have been finalised and PSNC has released its updated guidance. Contractors will then still have time to complete the Toolkit before the submission deadline on 30th June 2022.

Guidance for past years

2020/21 Toolkit and guidance (last year’s)

The submission period Toolkit submission was from Winter 2020 until June 30th 2021.

April 2022 update: Related guidance has been superseded and the older version of the Toolkit can no longer be published

2019/20 Toolkit

The final deadline for completing the mandatory questions was re-scheduled from March 31st 2020 to September 30th 2020. Related guidance has been superceded and the older version of the Toolkit can no longer be published

2019/20 Toolkit webinar
In 2020, PSNC and NHS Digital presented a webinar to support Toolkit completion. An on-demand version of the webinar is available via the link above.

Answering technical questions and the Toolkit PMR feature

The Toolkit includes some technical questions which you may need the assistance of your PMR supplier to answer. Some PMR suppliers will provide information to support your completion of the technical questions via a guidance document or via their helpdesk.

Alternatively, some PMR suppliers have chosen to utilise the Toolkit PMR feature. This feature involves your PMR supplier setting up an email address (e.g. igsupport@pmr.com) that they share with customers and this is then entered by the contractor within the ‘Admin’>’User List’ section of the Toolkit (the email address can be added as a ‘Member’). This then allows information supplied by your PMR supplier to be bulk-inserted for the mandatory technical questions within the Toolkit.

The bulk upload of information is likely to be at a pre-set time which your PMR supplier will advise you of. Once the information has been uploaded, you will be able to add or amend the answers entered by your PMR supplier if necessary. Your supplier, as a ‘Member’ within the Toolkit, will technically be able to see your answers to all the questions.

Batch submission

The Toolkit contains functionality to allow pharmacy contractors with three or more pharmacies to complete a bulk submission of assessments on behalf of its branches. If this functionality is of interest to a contractor, they should first read:

Toolkit completion: Using the Data Security and Protection Toolkit’s Parent Organisation HQ batch submission feature – step-by-step guide

Checking pharmacies linked to Parent OrganisationHQ code using ODS portal factsheet

These documents explain how to request the feature is set-up for you.

When you log in to the Toolkit as a Parent Organisation HQ organisation (with HQ Parent Organisation Code), you will be able to complete your assessment, review your list of branches and publish your Toolkit assessment for your branches. Your HQ’s branch list has been populated from data held by the ODS team.  If your list is not accurate, please raise a support call with the Exeter Helpdesk.

 

Related resources

If you have queries about this webpage, please contact it@psnc.org.uk.

 

Return to the Pharmacy IT hub, Data security hub, or IT a-z index

 



Latest Contract & IT news

View more Contract & IT news >

Have you completed the DMS DoC?

Pharmacists and pharmacy technicians are reminded that they must complete the Discharge Medicines Service (DMS) Declaration of Competence (DoC) before...