Handling a client’s financial details or intellectual property comes with a huge responsibility that you might not always be aware of. And accidents happen, even with the best of intentions.
But what is a breach of confidentiality, exactly? What does it mean for your business? And how can you protect yourself against any legal claims that arise because of one?
Here, AXA runs through what you need to know about breach of confidentiality and why it's so important that your business adheres to it.
What is a breach of confidentiality?
Officially, a breach of confidentiality is a failure to respect a person's privacy by telling another person private information. For example, a doctor discussing a patient’s records without their consent, or a police officer giving details of a case to the accused.
But for small businesses, it’s about leaks of personal information about your staff or customers. It could be leaving your work laptop containing payroll records on a train. Or as simple as discussing business matters in a public place where you could be overheard.
If a breach of confidentiality occurs, you could be liable for claims made against you – putting your business and your livelihood at risk.
Why is confidentiality important?
In a world built on ideas, protecting them is important.
Whether it’s upcoming business plans that you’re consulting on, or company accounts that you’ve left on a train, a breach of confidentiality can have a ripple effect – and a simple conversation about a potential expansion plan could end up bankrupting your business entirely.
It could leave your business vulnerable to cyber-attack, stolen intellectual property or commercially sensitive information swirling around in the public domain. You’ve got a professional responsibility to protect against these leaks.
And in terms of your professional reputation, you’re not going to win the trust of new business with rumours of leaked information following you around.
Where could my business breach confidentiality?
A breach of confidentiality can happen much more easily than you think. It could even happen without you realising it.
A briefcase is left on a train, containing a laptop and important documents. A stray email from an employee accidentally sends commercially sensitive details to the wrong person. A social media log-in breach causes chaos online.
All businesses can find themselves at risk of a confidentiality breach. From the smallest start-up to the most experienced professional firm, if your business handles any confidential information, you must be aware of the risks and able to keep that information safe and secure.
Examples of confidential information could be:
- Business processes, plans and methods
- Financial information and customer details
- Plans, sketches and drawings
- Details/plans of inventions while filing a patent application
Even if these breaches take place without malice, they still carry a risk of a claim being made against you.
What can I do to avoid breaches of confidentiality?
From examining your business’ internal processes to managing people correctly, there’s plenty you can do to safeguard your company and keep your confidential information confidential. Even a few simple procedures can help you make big strides towards keeping your small business safe.
1) Be open about privacy
Have a written data protection and privacy policy and make it easily accessible to your staff and your customers. This policy should be the first port of call for anyone seeking information about your reason for collecting their personal data and the way you’ll use it. Remember to include new rights about how to request data, or its deletion, to make sure you’re compliant with the latest General Data Protection Regulation (GDPR).
2) Consider Non-Disclosure
A Non-Disclosure Agreement is a legal contract where two parties agree not to disclose or share any confidential or sensitive information. They’re often used to protect a business’ intellectual property, product information or trade secrets. For your business, consider if it’s useful to have your employees or partners sign an NDA before you begin working with them in order to safeguard your secrets and protect against breaches of confidentiality.
3) Perfect your password protection
Always encrypt sensitive data and ensure that all machines and important documents or files are password-protected. Manage access to specific files or data drives by only sharing passwords with trusted individuals who need access, keeping out unauthorised employees and freelancers. And always review passwords, change them every few months, and make sure they’re as secure as possible by using a mix of numbers, letters and special characters.
4) Train staff in security
Make sure that anyone in your business, whether an existing employee or a new start to your teams, is fully up to speed with your business’ security measures. This could be as simple as making sure they know to lock their computer screens when leaving their desks, or to ensure they don’t take any customer or company data out of the office. Have them sign to provide evidence that they understand your security protocols and are aware of the consequences of breaking them.
How can I protect myself against a claim?
Keep your business safe with professional indemnity insurance from AXA. It’ll help cover the cost of possible legal fees and compensation pay-outs if you’re found to have provided poor service, advice or design that’s resulted in financial loss for your clients.
If you end up responsible for legal fees, expenses, compensation or defence costs – it’ll help you cover your costs. Plus, it’ll open up your business to new opportunities too – meaning you’ll be viewed as a company worth trusting and able to access membership of professional bodies.
Worried about a breach of confidentiality? The devil’s in the detail.
Even the smallest leak can spell a significant risk for your business. By taking care of how you store, handle and share customer information, you can safeguard against expensive legal cases and reputational risk.