Encryption guidance for health and care organisations

Guidance on when and where encryption is needed, to make sure data is properly protected.

The guidance covers:

  • assessing the right level and type of encryption for the data and information on devices and communication links
  • protecting data according to its classification and/or sensitivity.
  • managing the encryption solution
internal

Encryption: good practice guide

This detailed guidance covers when and where encryption should be used to make sure policy and procedures are in place to encrypt sensitive data where necessary.

internal

Encryption: example policy

This policy template is designed for use in health and care organisations to implement good encryption policy and practice.