We’re pleased to share that Radiobotics has successfully completed the NHS Data Security and Protection Toolkit (DSPT) self-assessment, demonstrating that we meet the NHS’s expectations for good data security and responsible handling of personal information.
While this isn’t headline news, it is an important marker of trust, maturity, and readiness — especially for organisations working with NHS data.
What is the NHS Data Security and Protection Toolkit (DSPT)?
The NHS Data Security and Protection Toolkit (DSPT) is the NHS’s standardised assurance framework for organisations that access, process, or store NHS patient data.
It requires organisations to assess themselves against a comprehensive set of requirements covering:
Data protection and GDPR compliance
- Cybersecurity controls and risk management
- Staff training and awareness
- Incident response and governance processes
Completion of the new DSPT provides assurance to the NHS and its partners that an organisation takes data security seriously and has appropriate safeguards in place.
What does passing the DSPT mean for Radiobotics?
Completing the DSPT self-assessment confirms that our internal policies, technical controls, and organisational practices align with NHS expectations for data security and information governance.
In practical terms, this means:
- We have defined and documented how personal data is handled and protected
- We have appropriate technical and organisational security measures in place
- We regularly assess risks and maintain accountability at an organisational level
It also means we can support NHS customers and partners with RBfracture™ with confidence, knowing that our data security posture meets the required baseline.
Why does this matter for NHS customers and partners?
AI solutions in radiology are only valuable if they are also trusted. Passing the DSPT helps demonstrate that RBfracture is not just clinically focused, but operationally responsible.
For NHS organisations, this provides:
- Additional assurance when working with us as a supplier
- Confidence that data protection and security are treated as core requirements—not afterthoughts
- Alignment with broader NHS information governance expectations set by NHS England
A baseline, not the finish line
We see the DSPT as a minimum standard, not a differentiator. Data security, privacy, and governance are ongoing responsibilities, and we continue to review and strengthen our practices as requirements evolve.
For us, passing the DSPT is part of a broader commitment: Building AI solutions for emergency and trauma care that clinicians can rely on clinically, operationally, and ethically.
If you’d like to learn more about how RBfracture is deployed within NHS environments, or how we approach data protection in practice, feel free to get in touch.
