Part 3 Clinical Quality & Safety Assurances
3.1 Information Governance & Data Protection - Data Security & Protection Toolkit (DSPT) NPC measured its performance on an annual basis using the online self-assessment tool declaring compliance with the National Data Guardian’s 10 data security standards with the following outcomes:
Data Security Protection Toolkit Assessment 2024/25 (version 7) 2023-24 (version 6) 2022-23 (version 5) 2021-22 (version 4) 2020-21 (version 3)
Outcome
Standards met Standards met Standards met Standards met Standards met
2019-20 (version 2)
Standards met
2018-19 (version 1)
Standards met
The nominated Senior Information Risk Owner (SIRO) and Caldicott Guardian for NPC are both listed on the national registers. As Board members, they work alongside the Corporate Governance team and the Data Protection Officer (DPO) to provide the Board with assurance that NPC is fully compliant with all regulatory and statutory data protection requirements. NPC maintains a Subject Access Request (SAR) and Caldicott enquiry register, which had 33 entries in the 2024/25 period, compared to 14 entries in the 2023/24 period. All SAR requests are processed in accordance with the Data Protection Act 2018 and are supported in their processing by the DPO, where required. 3.2 Infection Prevention and Control (IPAC) The NPC annual IPAC statement is generated each year in March, in accordance with the requirements of the Health and Social Care Act 2008 Code of Practice on the prevention and
Norfolk Primary Care - Quality Account 2024/25
32 | Pa g e
Made with FlippingBook - Online catalogs