You are here: Home A Guide for Protecting Proprietary Information

A Guide for Protecting Proprietary Information - IV. Policies & Rules

Article Index
A Guide for Protecting Proprietary Information
II. Impact of Disclosure
III. Examples of Confidential Information
IV. Policies & Rules
IV. Policies & Rules (cont.)
V. Executing Non-Disclosure Agreements
VI. Post Contract Debriefing
VII. Compliance Auditing
ANNEX A
ANNEX B
All Pages

IV. POLICIES AND RULES 

An organization seeking to protect sensitive, confidential information might want to consider one or more of the following:

1.  The Company should establish a written confidentiality protection guide and share it with all staff who interact with confidential information belonging to either the Company, or the Company's partners, collaborators and customers.  All key staff members should read and become familiar with the guide.  Upon hiring, each Company staff member should sign a contract that includes a confidentiality provision.  Periodically, such as once each quarter, the Company should remind staff members about their confidentiality obligations.   Management should incourage staff members to discuss questions or concerns about information protection with Company management.

2.  When the confidential status of a piece of information is ever in question, a staff member should assume the information is confidential.  Thereafter, the staff member should refrain form disclosing the information until management has provided clarification.

3.  A staff member should not disclose confidential information unless the staff member obtains authorization from management and the receiving party has signed a confidentiality agreement.

4.  Staff members should not allow confidential information to remain on a desktop or computer screen exposed to view when not actively used. Staff members should keep proprietary information out of sight or turned over when those who should not see the information are in the office or have access to the office.

5.  A staff member should only share confidential information with other Company staff members who need to know the information.

6.  The Company should prevent unauthorized user access to any electronic and physical areas containing confidential information.  For computers, staff members should password protect screensavers. For electronic data, staff members should password protect files. For hardcopy documents, staff members should limit the physical access to the document by locking the office door, locking a desk drawer, locking a filing cabinet, and / or restricting room access.

7.  A sender of an email should assume unauthorized readers will view the text and files contained in an unencrypted email.  A sender should not send sensitive data in an unencrypted email or file.  Senders should use encryption and passwords when possible. A staff member should take precaution when moving confidential information from one point to another, either by mail, personal delivery or electronic form.  The greatest risk is the movement of information electronically without the use of security protections.  The exchange of information over the Internet provides significant risk of exposure unless the exchanged information is subject to encryption or password.  The exchange of information using unencrypted emails provides a significant risk of exposure even where the information is marked confidential.  The sender must always assume that an unauthorized reader will see all information sent by email. Prior to sending information via the Internet, the staff member should consider the risk of an inadvertent disclosure to an unintended third party.  If a disclosure poses significant damage to Company or a Customer, or would violate a Company non-disclosure obligation, then the staff member should take extra precautions including encryption, password protection or refraining from sending the information. 



Legal Notice

Terms of Use - Privacy - Copyright and Trademark Notice

Copyright 2005 - 2018 Dominion General Counsel, PC