Ely, United Kingdom, 29 July 2019 – GRCI Law, a specialist in data protection and privacy law, has achieved compliance with the NHS’s Data Security and Protection (DSP) Toolkit and a rating of ‘standards exceeded’.
The DSP Toolkit is an online self-assessment tool developed by NHS Digital for organisations to measure their practices against the National Data Guardian’s ten data security standards. All organisations that have access to NHS patient data and systems are required to use the DSP Toolkit to provide the necessary assurance that the organisation handles personal information appropriately.
Ryan Mackie, managing executive of GRCI Law, said: “We’re pleased that the GRCI Law team has exceeded the standards in complying with the DSP Toolkit. With the help of colleagues across GRC International Group, GRCI Law’s parent company, we have achieved a rating of ‘standards exceeded’.
“Although this is a self-assessment, clients and potential clients can feel assured that we have provided all the required evidence to attain this level. It shows our clients and their patients that we can be trusted to process special category data to the standards that they expect, and that the NHS insists on. Organisations that process NHS data and are required to comply with the DSP Toolkit can put their trust in GRCI Law to handle their patient’s data on their behalf, in accordance with the requirements of NHS Digital.”
GRCI Law’s team of experienced data privacy lawyers, data protection officers (DPOs), and IT and information security experts can help NHS service providers identify the nature and scope of their project and support them with DSP Toolkit compliance.
GRCI Law also provides independent support and services for General Data Protection Regulation (GDPR) compliance programmes, from reviewing contracts to ensure they are aligned to current legislation, to fulfilling the role of DPO, drafting breach notifications, and identifying measures that can be put in place to avoid future incidents.