data confidentiality policy

 

Purpose

Clinical Pathways’ confidentiality policy outlines our expectations for handling confidential information. Contractors will receive and handle personal and private information about clients, partners, and our company during the regular course of day-to-day tasks. The purpose of the policy is to ensure that this information is well-protected.

We must protect this information for two reasons. It may:

  • Be legally binding (e.g., sensitive customer data).

  • Constitute the backbone of our business, giving us a competitive advantage (e.g., business processes or intellectual property).

 

Scope

This policy applies to our employees, contractors, interns, and anyone who has permanent or temporary access to our electronic systems.

 

Responsibilities

Each individual who will access our systems is required to read, understand, and comply with this policy.

 

Definitions

Confidential information:

Common examples of confidential or proprietary information are:

  • Unpublished financial information

  • Data of Customers/Partners/Vendors (existing and prospective)

  • Intellectual property

  • Data entrusted to our company by external parties

  • Pricing/marketing and other undisclosed strategies

  • Documents and processes explicitly marked as confidential

  • Unpublished goals, forecasts, and initiatives marked as confidential

 

Procedure

Confidential and Proprietary Information

Contractors may have various levels of authorized access to confidential information. Data should only be shared on an as needed basis and only among other contractors who have access permissions to that data.

 

Best Practices

What Personnel Should Do:

  • Lock or secure confidential information at all times.

  • Shred confidential documents (paper) or delete and empty trash (electronic) when they are no longer needed.

  • Make sure to only view confidential information on secure devices.

  • Only disclose information to other contractors when it is necessary and authorized.

  • Keep confidential documents within our company’s systems unless it is absolutely necessary to move them.

What Personnel Shouldn’t Do:

  • Don’t use confidential information for any personal benefit or profit.

  • Don’t disclose confidential information to anyone outside of our company without authorization.

  • Don’t replicate confidential documents and files and store them on insecure devices or locations.

When contractors or interns stop working for our company, they are obliged to return any confidential files and delete them from their personal devices.

 

Confidentiality Measures

We take measures to ensure that confidential information is well protected by:

  • Storing and locking paper documents, when applicable.

  • Safeguarding electronic information and databases.

  • Requiring contractors and interns to sign non-disclosure agreements (NDAs).

  • Asking for authorization from the Operations Director to allow contractors to access certain confidential information.

 

Exceptions

Confidential information may occasionally have to be disclosed for legitimate reasons. Examples are:

  • If a regulatory body requests it as part of an investigation or audit.

  • If our company examines a venture or partnership that requires disclosing some information (within legal boundaries).

In such cases, contractors involved should document their disclosure procedure and collect all needed authorizations. Only that information that is required to be disclosed should be.

 

Working Remotely

When working remotely, the confidentiality policy still applies.

 

Disciplinary Consequences

When best practices and the company’s policy are not followed, disciplinary actions may be implemented. Each incident will be assessed on a case-by-case basis. In case of breaches that are intentional or repeated, the contract will be terminated and could have the potential for legal action (for example, intentional theft of intellectual property for personal gain).

 

Duration

This policy is binding even after contract end date.

Last updated: 01-Dec-2022

Last reviewed: 11-Apr-2024


CONTACT US

If you have any questions about this Confidentiality Policy, please contact us.