CSS Consulting

NHS DTAC Consultancy Support

Highly experienced data protection and cyber security experts, who assist medical supply companies, NHS trusts and other organisations operating within the UK health sector. We provide holistic services for all elements of the DTAC and DSPT compliance, while enhancing data protection and cybersecurity measures.

Features

• Compliance with DTAC standards
• Compliance with DSPT including undertaking gap analysis
• Strengthening data protection and cybersecurity measures
• Personalised guidance and support
• Cyber Essentials/ Cyber Essentials+ consultancy services
• ISO27001 consultancy services
• DPO services
• Three pillars of technical compliance: data protection/cyber and legal
• Incident Response training and exercises
• Penetration testing

Benefits

• Ensures data transfer processes are secure, auditable, and compliant
• Safeguarding sensitive patient information
• Risk mitigation for your organisation
• Providing practical strategies and actionable insights to streamline compliance efforts
• Direct access to end-to-end data, cyber and legal compliance/support
• Ensures full compliance with Cyber Essentials Plus requirements
• Ensures full compliance with ISO 27001 requirements
• Protecting patients, clients, staff & suppliers
• Preserving strategic reputation
• Protecting strategic private & public partnerships

£1,100 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cssassure-tenders@shma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

177944050325730

Contact

Trevor Walker
0121 214 1215
cssassure-tenders@shma.co.uk

Planning

• Planning service: No

Training

• Training service provided: Yes
• How the training service works: CSS Assure provide a broad range of tailored training including, in relation to: Data Protection; Cyber Awareness; Incident Response: Planning, testing and simulation; DSPT controls.; ; We provide a range of half day and full day sessions and can be held remotely through a digital platform, or on-site, face to face with your audience.; ; All training will be developed in line with your requirements, objectives and required outcomes, following scoping with your team.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Within 4 hours, during business hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: We provide a fully supervised team which is run by a Principal Consultant with junior consultants supporting on each project. ; ; To ensure customers receive high quality support and value for money, we have a single blended rate £1,100 per day) and therefore the same cost regardless of who undertakes the work. This means you get access to the full team of expertise and seniority at a competitive rate. ; ; Each customer instructing us will be allocated with a technical account manager – typically a Principal Consultant - who will be the key point of contact and will be responsible for the delivery of services throughout the life of the project/service. They will be responsible for ensuring quality, consistency and continuity throughout.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 20/11/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: IASME

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Being a truly purpose-led and responsible business is a key priority for us. Our efforts have been recognised through our B-Corp certification, which, as a part of the Ampa group of companies, CSS Assure is proud to have achieved. We are one of very few professional services groups to have achieved the accreditation.; ; In terms of fighting climate change, our objective is to achieve carbon neutrality by 2030, and the service provision will directly contribute to this objective. The associated commitments and achieved progress on our carbon reduction plan includes:; ; 1. We offset our Scope 1, 2 and 3 emissions (excluding suppliers) to achieve a carbon neutral organisation, as we progress on our carbon reduction journey. ; 2. We are working to engage 70% of our supply chain by spend to support them to make their own carbon reduction commitments.; 3. We are introducing an electric car benefit to support fossil fuel reduction in commuting and business travel.; 4. We have switched to 100% renewable electricity across all group sites where we have control over supplier.; 5. Our office refits have an 80% target of fixtures and fittings contributing to the circular economy (e.g. re-use and recycled).; 6. We are committed to measuring the emissions used through our people’s commuting, business travel and home energy usage.; 7. We will educate our people on our net zero plans, the importance of sustainability, and what actions our people can take through a series of sustainability talks.

Pricing

• Price: £1,100 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cssassure-tenders@shma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.