Workplace confidentiality involves any confidential information that an employee can come across in the ordinary course of business. Confidential information can be broadly categorised into three main categories:
- Personal information of customers
- Employee information
- Proprietary (business) information or “trade secrets”
Workplace confidentiality should be treated as a high priority for businesses as the misuse of information could potentially damage the business in many ways. There are both legal and non-legal actions that businesses can take to ensure that workplace confidentiality is achieved.
Legal Steps to Ensure Confidentiality
When recruiting new employees, make sure that there is a confidentiality clause in the employment contract. This sets the expectation between employer and employee that the business takes confidentiality seriously and that any breach or misuse of confidential information can result in legal action.
Confidentiality Agreements / Non-Disclosure Agreements
These are binding documents that can be used to restrict a person from using or disclosing information shared with them in discussions outside of the workplace. An example of this would be if an employee had a meeting with another stakeholder and disclosed confidential information during commercial discussions. To protect that information from being shared, the employee can request that the stakeholder sign a confidentiality or non-disclosure agreement. This will act as a safeguard to ensure that the stakeholder cannot disclose the information to third parties.
A business can also implement a workplace policy that covers confidentiality. This can ensure that all employees understand their roles, responsibilities and obligations when it comes to handling confidential information, as well as highlighting the seriousness of complying with confidentiality policies.
Below is an example of the kinds of things a confidentiality policy could cover:
- What kind of personal information the business collects about employees
- Guidelines for collecting personal information
- How the business will deal with requests for personal information from third parties
- Guidelines for the use of electronic communications and social media
- Consequences for misuse of information or breach of the confidentiality policy
Non-Legal Steps to Ensure Confidentiality
Apart from the legal options available to ensure confidentiality in the workplace, there are also effective non-legal actions that a business can take to minimise any risk of breach.
One of the more simpler options for a business is to create office practices that encourage the right behaviours and sets the correct expectations to employees regarding confidentiality. This means building a workplace culture where employees understand and respect the rules regarding confidentiality. Things to consider in creating a workplace culture that achieves this include:
- What is the expectation of employees when dealing with sensitive information?
- What kinds of digital platforms are employees using to carry out their work and how can the business ensure employees are using the platforms properly
- Knowing who can access certain information and documents
- Providing routine training to employees on how to maintain workplace confidentiality
Below is a checklist of practices that can be used to ensure that confidentiality in the workplace is be achieved:
- Keep employee personal information secure so that no unauthorised persons can access it
- Consider your privacy obligations when providing personal information to third parties.
- Develop policies that outline the use of electronic communication and social media. This will help explain what is appropriate in a personal and business context
- Providing training to managers to ensure that only relevant information regarding employees is collected
- Have open and transparent communication with staff about privacy issues to ensure that they fully understand their responsibilities when dealing with confidential information and are aware of any policies in place to protect confidentiality, both in and out of the workplace.
It is important to remember that obligations regarding confidentiality can still be in effect after an employee has left the company. Generally, an employee’s contract of employment will outline the obligations for disclosing information after they have left or been terminated. There are also other factors that may affect their obligations such as fiduciary duties or equitable obligations.
Confidentiality is extremely important in the workplace. Whether dealing with customer, employee or business related data, any misuse or disclosure of information to third parties can have negative consequences on a business.
To ensure that confidentiality is complied with, make sure that your business takes the necessary steps to limit any risk associated with the misuse or disclosure of confidential information.