Main navigation

Virgin Care commended for its data security and protection successes

After a recent assessment, Virgin Care has been commended for its data security and protection talents against the Data Security and Protection Toolkit (DSPT). The DSPT is a tool which allows organisations to measure their compliance against legislation and central guidance, and helps identify areas of full, partial or non-compliance. Virgin Care has been awarded ratings of ‘Substantial Assurance’ (the highest award) across all 10 of the toolkit standards.

Virgin Care has also successfully met the Data Security training target for 2021-22, achieving 95.70% compliance against the 95% target.

During the pandemic, the health care provider has focused on delivering transformation through the implementation of technology into its services. Introducing technology such as an Integrated Care Record, e-Consent processes, virtual groups and mobile working has created new risks, all of which Virgin Care are successfully managing through the appropriate processes, according to the DSPT report.

In 2018 the Information Governance toolkit (IGT) was withdrawn and replaced with the new Data Security and Protection Toolkit (DSPT). It was developed by NHS Digital in response to The National Data Guardian’s Review of Data Security, Consent and Opt-Outs published in July 2016 and the subsequent Government response, Your Data: Better Security, Better Choice, Better Care, published in July 2017.

The DSPT requires organisations to be assessed against the following 10 standards:

  1. Personal Confidential Data
  2. Staff Responsibilities
  3. Training
  4. Managing Data Access
  5. Process Reviews
  6. Responding to Incidents
  7. Continuity Planning
  8. Unsupported Systems
  9. IT Protection
  10. Accountable Suppliers

The report states that, “Virgin Care has demonstrated a clear organisational governance structure in relation to data security and protection with associated processes and key roles in place.  Structures and committees appear to be operating with clear commitment and support by senior management.

“The organisation has demonstrated ongoing development of its data security and protection framework and controls and has recently been successful in achieving Cyber Essential Plus certification.”

Sarah Murray, Head of Information Governance at Virgin Care said, “Information Governance is everyone’s responsibility and I’m extremely proud of colleagues for their continued support, adapting to new processes and completing their Data Security training, helping us to reach our target of 95% compliance across the business.

“It’s been particularly difficult this year, as we’ve worked tirelessly on the frontline against COVID and behind the scenes, but this is a great result and shows that we, as an organisation, treat the information we hold on patients, service users and colleagues seriously.”

Virgin Care
Virgin Care
Virgin Care
Virgin Care

We’re encouraging healthcare professionals of all ages to attend a Recruitment Open Day at Farnham Hospital and Centre for Health.

Virgin Care
Virgin Care

A 43-strong roving immunisation team has been bringing COVID-19 vaccinations to the clinically vulnerable and hard to reach communities in Bath and North East Somerset (B&NES),

Virgin Care
Virgin Care

Our Lancashire Healthy Young People and Families Service has trained a new team of volunteers who will soon be providing support to parents in Burnley, helping them to develop their skills and give their children the best start in life. 

Virgin Care
Virgin Care

Through innovative service design, the development of new career pathways and with a focus on inclusion and belonging, we won’t stop until we’ve implemented the NHS People Plan into every aspect of the organisation.