Description

This standard provides a consistent approach to identity across digital health and care services. It describes why and how a person should prove their identity to access digital health and care services. For example: their GP practice, their local hospital, and their social care provider. NHS Digital has worked on this standard in conjunction with many key clinical and privacy stakeholders including NHS England and NHS Improvement, the Care Quality Commission, the Royal College of GPs, the Joint GP IT Committee, and the Privacy and Consumer Advisory Group. The defined standards and principles in this document are to enable co-ordination of effort and to avoid duplication of effort. Elements considered by this standard include: • identity verification • identity authentication • clinical authorisation • typical example transactions. This standard will be updated as and when required. The national Data Coordination Board (DCB) will approve the publication of all versions.

Applicability

Any NHS or non-NHS provider, organisation, company, or authority that provides identity services for individuals accessing online digital health or care services must adhere to this standard.

Requirements 

Description

The Data Security and Protection Toolkit (DSPT) is an online tool that enables organisations to measure their performance against data security and information governance requirements set by the Department of Health and Social Care.

Applicability

The DSPT provides a mechanism for organisations to assess themselves against the NDG 10 data security standards2, through confirming assertions, and providing supporting evidence.

Requirements