1 min read

Zivver achieves ‘Substantial’ rating in NHS DSP Toolkit assessment

Posted by Rick Goud on 5th June 2025

NHS DSP Toolkit

📢 News from the Zivver Team 🙌 We’ve officially scored a ‘substantial’ rating in our latest DSP Toolkit assessment conducted by an independent assessor – the highest possible rating. Even better, the assessment also gave us a ‘High’ confidence rating in the accuracy of our self-assessment. This means our data security controls are not only strong but trusted too.  

What is the DSP Toolkit? 

The Data Security and Protection Toolkit (DSPT) is the NHS’s way of making sure that its suppliers meet national data protection standards. As a Category 2 IT Supplier, we are required to complete the self-assessment and undergo an independent review. That means a deep dive into our systems, policies, training and technology to make sure our claims are aligned with our services. 

How did Zivver perform? 

After reviewing the information and the external assessment, we achieved:   

  • Substantial Risk Rating (Top Score) 
  • High confidence in our self-assessment 
  • Zero critical or high-risk findings 
  • Strong results across all 10 NDG Standards 

Some of our standout strengths include: 

  • Practical, people-first training – Zivver's in-person awareness sessions help make security processes real for our teams. Attendance is tracked, follow up sessions happen, and the result? A workplace where data security obligations are understood. 
  • Smart Authentication – For systems that handle healthcare data, we go beyond standard MFA by introducing physical YubiKeys, making phishing a lot less common while keeping our systems user friendly. Adding strong password policies and regular reviews helps to solidify our security. 
  • Resilience – Our infrastructure is designed for continuity, with multiple data centres and SMS failovers. We also ensure critical roles are always covered, so even during a disruption, secure communication doesn’t stop. 

Commenting on our achievement, our CIO and Co-Founder Rick Goud said: “For NHS organisations and partners, this accreditation provides added assurance that Zivver is not just compliant but proactive, transparent and committed to keeping data secure. Because good security isn’t just about ticking boxes. It’s about making the right thing easy to do.” 

Rick Goud avatar

Rick Goud

CIO & Founder

Published: 5th June 2025

Subscribe to our newsletter
Share this

Enjoy this article? Share the knowledge

Stay informed with Zivver

Subscribe to get more email security tips straight to your inbox.