Keyboard within fingers typing

Data Security & Protection Toolkit

What is it about?

Every year more than 48,000 organisations complete the NHS Data Security & Protection Toolkit, an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.

All organisations with access to NHS patient data and systems must use the Toolkit to provide assurance that they are practising good data security and that personal information is being handled correctly. This means that the Toolkit is not only aimed at NHS organisations themselves, but also at private sector and charitable providers of healthcare and services to the NHS. In fact, suppliers are contractually obliged to complete the Toolkit by their NHS clients.

How hard can it be?

The Toolkit is complex with 

  • Up to 50 assertions to make, showing your organisation’s compliance with best practice
  • Many evidence items must be provided
  • Mandatory training and assessments for staff with access to NHS patient and client data
  • Annual renewals including the training
  • Requirements that change every year

How can we help?

We can really make a difference with

  • ONS and Toolkit registration
  • Planning
  • Process re-engineering
  • Documenting policies, registers, consent forms …
  • Training
  • Completing and reviewing the Toolkit
  • Improvement plans


The deadline for completing and submitting the 2023/2024 Toolkit is 30th June 2024

you only have …

<h3>... almost a year to get ready for 2023/2024's submission!</h3>
We are experts, having completed the Toolkit and its predecessor (the IG Toolkit) since it was introduced in 2003/2004
If you need assistance – call on us – we are only a click or two away
Skip to content