NHS Digital Data Security and Protection Toolkit

Results summary

For the majority of topics, the IASME Governance standard meets or exceeds the requirements of the NHS Digital Data Security Standards.

In some areas an action, process or tool that is specific to the NHS is referenced by the standard which does not map directly to the IASME Governance standard

NHS Digital Data Security and Protection Toolkit

The Data Security and Protection Toolkit is an online self-assessment tool that all organisations must use if they have access to NHS patient data and systems. https://digital.nhs.uk/data-and-information/looking-after-information/data-security-and-information-governance/data-security-and-protection-toolkit

Notes on the mapping: As the IASME question set is considerably more detailed and specific than the approach taken by the NHS Digital standards, it was often not possible to map IASME questions to specific NHS Digital standard requirements and audit guides. Therefore, we adopted a simpler approach that has mapped the sections of the IASME question set to the relevant NHS Digital Standards or parts thereof. However, where it was possible to map a question to a specific NHS requirement that is indicated in the spreadsheet.

  • All sections of the IASME question set that meet the requirements of the NHS Digital standards are shaded green.

  • Green indicates direct correlation between IASME and NHS, Amber indicates partial, or implied correlation.

  • Purple indicates where the IASME standard exceeds the NHS requirements and/or an NHS applicant might/could fail IASME/CE certification. E.g Unsupported software.

  • Red indicates where there is no correlation between the two