Monday Mornings with Madison

Confidentiality in the Workplace

A merger.  A game-changing deal.  A new product launch.  A major policy shift.  New cutting-edge technology.   An acquisition.  A change in leadership.   In today’s world of big business and even bigger transactions, confidentiality is of paramount importance.  Yet, with today’s high tech, lightning-fast communication tools – such as social media, text messages, flash drives, email, cell phones, and the cloud – hot news can spread faster than a California forest fire.   In small businesses, where employees feel more like family than coworkers, private information can spread rapidly through a company and beyond.  In big businesses, employees may feel even more disconnected from their employer and ignore their fiduciary responsibility to safeguard company or client information.  Indeed, it may even seem at times that the fastest way to disseminate information is to tell employees that information is confidential.

However, company employees are expected to treat all the information in the workplace with care and caution… not just hot news, but any and all information that is sensitive or privy.  Every employee at an organization should be prudent enough not to disclose any information that the organization considers sensitive and confidential unless and until consulting with and getting permission from a supervisor.  So how can a company ensure that the private information of its clients, vendors, employees and workplace remains just that:  private?  There are a number of strategies companies can implement that promote the values of privacy, discretion and confidentiality in the workplace.

Discretion is the Better Part of Valor

Thanks to the digital age, companies are creating an ever-growing pile of digital information, from product designs to financial records to employee e-mails. Keeping all that information is becoming increasingly hard, not only because of the sheer volume but also because of the ease of storing and sending it.   Some of that information could be valuable to competitors or simply embarrassing.

In today’s business environment, it is as important for companies to deliver ironclad confidentiality as it is for them to serve up five-star service and top-notch quality.   A company able to keep confidential information secure is not just doing what is ethically right, it is delivering a highly-desired benefit that can set it apart from its competitors.   An unwavering commitment to confidentiality can give a company an edge.

So how does a company become the bastion of discretion?  For a company to ensure there is no inappropriate disclosure or sharing of information, it must set and then enforce explicit confidentiality policies and procedures.  Here are eleven winning strategies to prevent information leaks in the workplace.

Strategy 1

Identify information that must remain confidential. In some instances, federal and state legislation mandates that certain information remains private, such as financial information or Social Security numbers. Determine what information for your organization is proprietary and must remain confidential.  Also define under what circumstances, if any, it can be shared.

Strategy 2

Create a policy to address confidentiality. Provide details and examples of the specific types of information that the business considers confidential.  That includes digital information, not just word-of-mouth.  Digital information is not only easily stored, but it can also be easily shared.  It is important for employees to understand that corporate data is proprietary and confidential, and must not be removed from the company’s computer systems.  Also state the information that is not protected, such as personal emails on the company email system. Review and update the policy regularly to address new issues, such as blogging and social media, as they arise.

Strategy 3

Train employees to understand the company’s confidentiality policy. Provide examples and scenarios to help employees identify what information can and what information cannot be released or discussed with others in or outside the business.  Include specifics, such as a specific person or department to whom employees can refer questions or inquiries. Instruct employees not to discuss confidential information in an open environment like a public elevator or over lunch in a restaurant.  As the saying goes, ‘loose lips sink ships.’

Strategy 4

When a company deals in highly sensitive information or trade secrets, it may make sense to require employees to sign a confidentiality agreement.  A good confidentiality agreement will state the consequences for violation of the agreement. It includes conditions explicitly forbidding the release of confidential information even if the worker is no longer employed by the business.

Strategy 5

Staff should be instructed on how to independently verify the authenticity of external agencies, partners and other individuals that might request or need confidential information during a business transaction before providing confidential information.  For example, a CPA might be asked to share a client’s tax records to an attorney handling a real estate transaction for the client.  The firm should require appropriate identification in order to disseminate the information.  Requests for information should be put in writing and accompanied by a waiver when appropriate.  Records should be provided only after confirming the information is legitimate.

Strategy 6

Employees caught disseminating information inappropriately should be disciplined.  More severe measures, such as suspension or even termination, should be enforced for employees who knowingly violate confidentiality restrictions.

Strategy 7

Implement tight digital security measures.  In the past, IT budgets were focused on protecting “systems of record”, which track the flow of money, products and people within a company and its network of suppliers.  Today, companies must also invest in securing “systems of engagement” which includes all kinds of technologies that digitize, speed up and automate a company’s interaction with the outer world.  When it comes to technology, businesses that handle sensitive information need to spend more time and money securing data.

Strategy 8

According to technology experts, the “digital universe”, the amount of digital information created and replicated in a year, will increase to 35 zettabytes by 2020.  That will be 35 times as much as there was in 2009, which was less than 1 zettabyte.  One zettabyte is 1 trillion gigabytes, or the equivalent of 250 billion DVDs.  Because digital data is growing exponentially, it is imperative for companies to protect and prevent unauthorized access and use of information by employees.  Limit access and use of confidential or proprietary information to employees who have a specific, work-related need only.

Strategy 9

Mark applicable confidential emails “confidential” or “privileged” in the subject header so that they are easier to sort and redact if need be.

Strategy 10

A company policy is useless unless employees are aware of it. Require staff to sign an acknowledgement of the policy, and provide regular reminders in staff meetings, through email and in the company newsletter. Document reminders in case needed in future disciplinary action.

Strategy 11

Lead by example. Employees keep information confidential when top management also demonstrates the same discretion.  Gossiping is not okay for staff or leadership.

Quote of the Week

“In almost every profession – whether it’s law or journalism, finance or medicine or academia or running a small business – people rely on confidential communications to do their jobs. We count on the space of trust that confidentiality provides. When someone breaches that trust, we are all worse off for it.” Hillary Clinton

© 2013, Keren Peters-Atkinson. All rights reserved.

Print Friendly, PDF & Email
Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Blogplay
Comments Off on Confidentiality in the Workplace

Comments are closed.