What is confidentiality in terms of information security?

Confidentiality “implies a relationship between two or more persons in which the information communicated between them is to be kept in confidence.”

Confidentiality is important to maintain privacy, security and trust in personal and professional relationships. Confidentiality is valued and expected in any situation where sensitive information is accessed or shared. Breaking the rules of confidentiality by releasing private information to the wrong entity can cause discord, broken trust and even lawsuits between parties.

The need for confidentiality can arise in a number of ways:

  • As a contractual duty through a service agreement, employment contract or client agreement.
  • As an ethical duty informed by a code of ethics or code of conduct
  • As a statutory duty governed by professional regulation or a particular legislative scheme.

To ensure confidentiality, workers should only access confidential information for work that is covered by their job description and the policies and procedures of the organization. They should only disclose information to other parties where a client (or co-worker in relation to their personal information) has consented to the release of the information or where disclosure is required or mandated by legislation due to indications of risk of harm. Further workers need to ensure that any information that is collected is securely stored and disposed of.

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *