what is confidentially of information and what are the practices ensure confidentiality of information
Answers
.
1. Proper labelling.
Under applicable laws, if a company does not take sufficient steps to treat its own confidential information as confidential, legal protection may be lost. Labelling confidential information also serves as a practical disincentive for someone to abuse confidential information. Labelling can appear on electronic and hard copy documents. A label could be: " Confidential information and property of ABC Corp. No part of these materials may be copied, used or disclosed except with written permission of ABC Corp. "
2. Insert non-disclosure provisions in employment agreements.
It is a best practice that employees who have access to confidential information sign an employment contract which contains non-disclosure provisions. If a company has confidential information which is particularly sensitive, it should be clearly identified in the contract. The employee should be obligated to return confidential information when employment terminates. Although it can be very difficult to enforce non-competition provisions in an employment contract, confidentiality provisions are generally legally enforceable. Although the law imposes certain obligations of confidentiality on employees, confidentiality provisions in an employment contract make it abundantly clear that the employer is serious about confidentiality, and therefore help prevent problems from a legal and practical perspective.
3. Check out other agreements for confidentiality provisions.
As a matter of day-to-day business, companies enter into contracts with service providers including consultants and suppliers of IT services (such as hosting and software implementation). Many standard form contracts which are prepared by service providers do not contain any confidentiality provisions in favour of the customer (or contain very "weak" provisions). In these circumstances, it is best to sign a separate confidentiality or non-disclosure agreement (commonly known as an "NDA") with the service provider, or "beef up" the confidentiality provisions in the service provider's contract.
4. Limit access.
A company with confidential information should be careful to limit access to confidential information to only those employees who have a "need to know". By doing so, the company strengthens its legal position and also helps establish a practical "roadblock". Hard copies of documents should be kept locked, and electronic copies should be password protected. Computer access should be monitored. The monitoring of "suspicious activity" may help in a legal claim against a departing employee should the need arise.
5. Add a confidentiality policy to the employee handbook.
A company's employee handbook should contain a confidentiality policy that spells out procedures for dealing with confidential information. For example, the policy should require that documents that are to be destroyed be shredded (instead of simply being put in the garbage or recycling bin). Of course, the written policy must be consistent with the confidentiality provisions in employment agreements and other legal obligations.