A lot of the information related to your job is privy to the company. And we need everyone on the same page about what information is public knowledge, what is not, and how to tell the difference. This policy goes over all that.
How [company name] does what it does is the secret to our success. So, we want to keep our company data and knowledge as private as possible. That way, our organization can continue to thrive.
This includes:
We require that all stakeholders sign and abide by our confidentiality agreement (or non-disclosure agreement). Basically, it says stakeholders cannot share information about our organization, its employees, or its customers without authorization.
We consider confidential information to be:
If you are unsure whether we considered a specific bit of information confidential, please treat it as such until [a leadership team member] has confirmed otherwise.
If you have any questions about what is considered confidential, ask your manager.
We expect all stakeholders to:
Likewise, stakeholders are not allowed to:
Note: If your employment is terminated, you must return all confidential files to [company name]. As well as delete any company files you may have stored on your personal devices - even if they do not hold protected information.
The general rule is to not share protected information.
But there are a few exceptions. For example:
In these cases, employees sharing the information must:
If you are found sharing confidential information with an unauthorized party, we will apply our [disciplinary action process] to resolve the issue.
This policy affects all employees, including contractors and volunteers, who may have access to confidential information.