Data encryption and passphrase guidance
Updated 15 September 2021
Applies to England, Northern Ireland and Wales
If you’re in any doubt, seek advice from the service desk before emailing any learner data.
1. Who this guidance is for
This guidance is for any user of the learning records service (LRS).
It sets out your data protection responsibilities and how to encrypt and password protect learner data when contacting the service desk.
2. Your data protection responsibilities
You must encrypt and password protect all learner data that you send by email to the LRS service desk. Learner data includes:
- unique learner number (ULN)
- given name
- family name
- date of birth
- gender
- postcode
Protecting learner data is your responsibility under both the LRS user agreement and data protection legislation.
3. Encrypting and password protecting learner data
You can encrypt and password protect learner data using software such as Egress Switch or WinZip.
Encryption masks the personal data and password protection ensures that only authorised users can access it.
When using encryption software you should:
- encrypt the files to AES 256 bit encryption standards
- create a password with a minimum of 15 alpha-numerical character including symbols, for example L3arN!ngr3C0rds
- communicate the password to the LRS service desk using an alternative communication method such as telephone
You can check the user guide for your encryption software if you need more help.
4. Security breaches
You’re in breach of data protection legislation if you:
- share your account details or allow someone else to use your account
- send more than one type of learner data in an unencrypted email, for example sending a learner’s ULN and first name
- send a password for an encrypted file by email
5. If you still need help
You can contact the service desk.