What's the difference between DSPT and Cyber Essentials?

An article by Digital Care Hub, published August 7th 2024

8/12/20241 min read

We’re often asked what are the differences between the Data Security and Protection Toolkit (DSPT), Cyber Essentials and Cyber Essentials Plus – so we have created a quick guide for care providers and commissioners.

The DSPT covers all aspects of information governance including digital and paper records. The tool and support programme are free, designed for social care and recognised in CQC’s Single Assessment Framework, and in What Good Looks Like.

Cyber Essentials is digital only, a paid for service and not tailored to social care. Cyber Essentials can include some cyber liability insurance – but the insurance does not cover money stolen by electronic means or cyber fraud.

The tools are compatible. For example, if a care provider has Cyber Essentials Plus, they can indicate this on their DSPT entry, and it will enable them to skip some questions. If they reach Standards Met on the DSPT and they also have Cyber Essentials Plus, they can get to Standards Exceeded on the DSPT.

A table showing the difference between DSPT and Cyber Essentials
A table showing the difference between DSPT and Cyber Essentials