The compliance requirements of the NHS are described in a process known as the Data Security & Protection Toolkit (or DSP Toolkit). This includes the completion and submission of a DSP Toolkit, which addresses the governance, policy, management and technical aspects of security.
Most companies find completion of the DSP Toolkit to be a time consuming, confusing and often unsuccessful process. There is very little help available from the NHS and guidance is often considered to be vague as it has to cover such a wide range of organisation types and sizes.
We provide services to support the HSCN connection. PSN connectivity and ISO 27001 certification. We work with clients to get them to a point at which they can get the sign off from the NHS required before ordering an NHS circuit. Companies have various starting points, with some requiring little guidance and other requiring a more structured process.
We support clients throughout all stages of the journey, regardless of the starting point.
Typically, Hytec delivers a package of work known as a DSP Toolkit Gap Analysis which allows us to compare the current as-is status of an organisation against the requirements of the Toolkit. This results in a report showing areas of compliance and the required corrective actions. Hytec’s long experience of working with the HSCIC team enables us to give companies clear advice on what will and will not be acceptable, thereby saving time and money during the compliance work leading up to a connection. Hytec’s BSI Certified ISO 27001 lead auditors lead this work and where requested to do so can help companies implement pragmatic and cost effective corrective actions that will meet the DSP Toolkit requirements.
As a provider of hosted connections to the NHS network, Hytec has its own up to date DSP Toolkit. Hytec is also certified to ISO standard 27001 for information security management systems and to ISO 9001 for quality management.
Our DSP Toolkit service is available from us direct or can be purchased directly from the G-Cloud.