Data security and information governance
Published on: 22nd July 2013 | Updated on: 11th November 2025
Data security and information governance help protect patient data, pharmacy systems, and digital networks. These topics are essential for keeping your pharmacy safe, compliant, and running smoothly.
NHS Data Security and Protection Toolkit (DSPTK)
Every year, NHS service providers—including community pharmacy owners—must complete the NHS Data Security and Protection Toolkit to confirm that their data protection policies and systems meet national standards.
Visit the guidance: Data Security and Protection Toolkit (DSPTK)
A–Z of data security topic pages
Explore our full list of guidance pages to help you manage data securely and confidently in your pharmacy:
- Access control methods (e.g. passwords)
- Antivirus
- Backups
- CIS2 (authentication for health and care professionals)
- Cyber and technical security advice: how to prevent and respond to data and cyber threats
- Data handling, record keeping and disposal
- Data quality
- Data Security and Protection Toolkit (DSPTK)
- DSPTK FAQS factsheet (or webpage)
- DSPTK HQ batch submission feature (step-by-step guide)
- DSPTK HQ batch submission feature (factsheet)
- GDPR and workbook
- Fax usage
- Mobile messaging
- Mobile device usage and ‘bring your own device’ policy
- National data opt-out system for patients (for data processing for planning/research)
- NHS login – a patient authentication system used by the NHS App and other apps to reduce the number of logins/accounts needed
- Opt-out
- Remote consultations
- Roles (e.g. IG lead)
- Routers
- Smartcards
- System settings and IT updates
- Templates
- Ten steps to help improve data and cyber security within your pharmacy (factsheet)
- Top tips and case studies
- Training
- Windows 10 versions end-of-support transition guidance
For more information on this topic please email it@cpe.org.uk
