← All Case StudiesGovernment / Healthcare

UK Health Security Agency (UKHSA)

Scaling Security Awareness and Meeting DSPT Compliance for a Nationwide Workforce

As part of the UK's efforts to strengthen public health security, the UK Health Security Agency (UKHSA) needed a scalable, effective cybersecurity and data protection training programme for its vast workforce of 25,000. Facing the challenge of aligning with Data Security and Protection Toolkit (DSPT) requirements, UKHSA engaged Culture Gem to roll out a comprehensive security awareness strategy that could reach both technical and non-technical audiences.

The Challenge

Key issues

01

The need for a scalable training programme that could deliver consistent security awareness across a large and diverse workforce.

02

Compliance with DSPT standards, critical to securing UKHSA's sensitive health data and safeguarding citizen information.

03

Effective communication campaigns to foster an enduring culture of security and personal responsibility among staff.

04

Seamless integration with internal systems, specifically Active Directory, to ensure high-level access control.

The Solution

What we delivered

Culture Gem delivered a tailored security awareness programme designed for UKHSA's unique needs.

  • Simplified complex government information into accessible, bite-sized modules that resonated across technical and non-technical staff, creating a unified understanding of security responsibilities.

  • Rolled out a comprehensive training strategy aligned with DSPT requirements, ensuring regulatory adherence across all operational levels.

  • Utilised a multi-channel communication approach, delivering impactful messaging through various channels to engage and inform the entire workforce.

  • Integrated seamlessly with Active Directory to bolster access control, providing UKHSA with a secure, efficient system aligned with modern cybersecurity standards.

The Results

Outcomes

Enhanced security awareness — staff at all levels gained a clear understanding of data protection and personal responsibility, cultivating a security-aware culture.

Improved access control — integration with Active Directory strengthened system security, ensuring robust access controls and data protection across the organisation.

DSPT compliance achieved — Culture Gem's strategy met all DSPT standards, positioning UKHSA as a compliant and security-focused agency.

Want results like these?

Every engagement starts with a conversation about your challenges.

Get In Touch →