NHS DSPT & Dentascribe
Last updated: 25/06/2025
Dentascribe is NHS DSPT compliant. We meet the data security and protection standards required for NHS and health organisations.
What is NHS DSPT?
The NHS Data Security and Protection Toolkit (DSPT) is an online self-assessment tool developed by NHS England.
It helps organisations measure and improve their data security and protection practices against the National Data Guardian’s 10 data security standards.
The toolkit covers areas including:
- Staff responsibilities and training
- Secure systems and data flows
- Identity and access management
- Data quality and standards
- Incident management and business continuity
Why is NHS DSPT important?
NHS DSPT compliance is mandatory for organisations processing NHS patient data or connecting to NHS systems.
It ensures that patient data is handled securely and demonstrates commitment to maintaining the highest standards of data protection within the healthcare sector.
For dental practices using Dentascribe, DSPT compliance provides assurance that patient information is protected according to NHS requirements.
How does Dentascribe comply?
Dentascribe meets NHS DSPT requirements by addressing all 10 National Data Guardian standards:
- Staff training and accountability: All team members complete annual data security training and understand their responsibilities for handling personal confidential data
- Secure data handling: Personal confidential data is handled, stored and transmitted securely in both electronic and paper forms, shared only for lawful purposes
- Information governance: Staff understand their personal accountability for data breaches and follow established protocols
- Access controls: Personal data is only accessible to staff who need it for their current role, with access removed when no longer required
- Process review and improvement: Annual reviews identify and improve processes to prevent data breaches and eliminate workarounds that compromise security
- Incident response: Cyber attacks are identified and resisted, with immediate action taken following breaches and reports to senior management within 12 hours
- Business continuity: Tested annual continuity plans respond to data security threats and significant breaches
Patient data processed through Dentascribe remains under your practice’s control, with processing only occurring when you opt-in to specific features like synced notes, AI transcription, audio notes, and letters.
How can I access the NHS DSPT report?
You can review our publication history on the DSPT Toolkit website.
Need more information?
You can find out more about the NHS DSPT on the Digital Care Hub website.