Encryption guidance for health and care organisations

Guidance on when and where encryption is needed, to make sure data is properly protected.

The guidance covers:

  • assessing the right level and type of encryption for the data and information on devices and communication links
  • protecting data according to its classification and/or sensitivity.
  • managing the encryption solution

Encryption: good practice guide

This detailed guidance covers when and where encryption should be used to make sure policy and procedures are in place to encrypt sensitive data where necessary.


Encryption: example policy

This policy template is designed for use in health and care organisations to implement good encryption policy and practice.