Back

Data and Security —
Training activity: 7

Training activity information

Details

Advise a healthcare professional on data encryption in the following conditions:

  • “At rest”
  • In transfer

Type

Developmental training activity (DTA)

Evidence requirements

Evidence the activity has been undertaken by the trainee​.

Reflection on the activity at one or more time points after the event including learning from the activity and/or areas of the trainees practice for development.

An action plan to implement learning and/or to address skills or knowledge gaps identified.

Considerations

  • Data encryption standards
  • Local, national, international guidelines and legislation
  • Checksums
  • Encryption software and hardware
  • Limitations of encryption
  • State of the art
  • Requirements for data crossing organisational and national boundaries
  • Risk and legal implications
  • Communication

Reflective practice guidance

The guidance below is provided to support reflection at different time points, providing you with questions to aid you to reflect for this training activity. They are provided for guidance and should not be considered as a mandatory checklist. Trainees should not be expected to provide answers to each of the guidance questions listed.

Before action

  • What do you need to know before offering this advice? This includes understanding different encryption methods for data at rest and in transit, their strengths and weaknesses, and relevant organisational policies.
  • What do you anticipate you will learn from this experience? Consider improving your communication skills in explaining technical concepts to non-technical audiences and deepening your understanding of practical encryption applications. Reflect on your current knowledge of cryptography and data security.
  • What actions will you take in preparation for this experience? Will you review different encryption techniques and their use cases? Will you consider how to explain these concepts clearly and concisely? Consider potential questions the healthcare professional might ask and how you would respond. Identify how you feel about embarking on this training activity.

In action

  • As you explain data encryption, what key concepts are you focusing on? Why are you explaining it in this particular way to this individual?
  • What decisions are you making about the level of technical detail to include and the analogies or examples to use?
  • Where does your understanding of encryption methods and their application feel strong, and where are you having to consciously simplify or clarify your explanation?
  • How well do you think the healthcare professional is understanding the information you are conveying? What questions or points of confusion are you noticing?
  • What are you learning about the communication needs of healthcare professionals regarding technical security topics? How does this compare to explaining these concepts to other technical audiences?
  • If the healthcare professional has specific questions or seems unsure, what alternative ways could you explain the concepts or address their concerns? Do you need to provide additional examples or resources at this point? Are you ensuring that your advice aligns with organisational policies on data encryption?

On action

  • Describe the scenario you addressed with the healthcare professional, the advice you provided regarding data encryption ‘at rest’ and ‘in transfer’, and their response to your advice.
  • How effectively were you able to explain the concepts of encryption ‘at rest’ and ‘in transfer’ to a healthcare professional?
  • What considerations did you highlight regarding the appropriate use of encryption in different conditions? W
  • What did you learn about communicating technical concepts to non-technical audiences?
  • Did you need to adapt your explanation based on the healthcare professional’s existing understanding?
  • How can you improve your communication skills when discussing technical topics with healthcare professionals?
  • What further knowledge do you need to strengthen your understanding of data encryption schemes?
  • What are your next steps in developing your advisory skills in this area?
  • Do you require any further resources on different encryption methods or communication strategies?

Beyond action

  • Have you revisited the advice you provided on data encryption? How has your understanding of encryption methods and their application in different contexts evolved? Have you had similar advisory roles since?
  • How has this experience improved your ability to communicate technical information clearly to healthcare professionals? Have the communication skills developed been used elsewhere?
  • What transferable skills, such as communication and explaining technical concepts, did you develop? What further learning in data encryption techniques would be valuable for your future practice?

Relevant learning outcomes

# Outcome
# 6 Outcome

Evaluate encryption schemes for data at rest or in transit and advise healthcare professionals on appropriate use.
Top