Confidentiality, in very simple terms, means safeguarding privileged or sensitive information that is not in the public domain. I am sure many of us have seen documents marked “private and confidential” or have heard of “closed door meetings” or been told something in “confidence” or “between you and me” or “for these four walls only”. Essentially it means that the information is sensitive, guarded and should not be shared without the prior approval of the owner or divulging party.
In many professions confidentiality is a key ethical requirement that should be upheld. Such professions include but are not limited to medical practice, banking, legal practice, accounting, tax, auditing, consultancy, engineering, etc. In fact confidentiality is key in almost all aspects of business.
Importance of confidentiality
Observing and upholding confidentiality in business helps achieve the following:
It builds trust. For example if a client is assured that his/her affairs or sensitive information will not be disclosed by the business or practitioner this builds trust. A client who has peace of mind will most likely bring more business and possible refer other clients. Clients do not want their affairs disclosed to third parties. I have had repeat and referred business with many clients on legal and business advisory mandates who are happy with confidentiality over their affairs.
Keeping information confidential will help safeguard a business idea from being spied on or being manipulated by for example competitors. A party to a business arrangement that discloses confidential information without prior approval may be sued by the aggrieved party.
Breach of confidentiality
There are many ways confidentiality may be breached. These ways may include the following:
A party to an agreement may simply choose to ignore the contractual provisions on confidentiality and share sensitive business information with third parties.
This may be through the principals, officers, employees or even relatives of the disclosing party. Such disclosure could be intentional or through negligence.
For example information can be shared with third parties during periods of stress or elation.
Negligence or lack of awareness may come in different ways. Many times I have listened to people talk about business ideas or other businesses said to be doing well or struggling. In a bid to show that the participants have information the participants end up disclosing identities of the businesses or individuals involved. This is very unfortunate and should be avoided.
Name dropping. There are people who are in the habit of building their profiles through name dropping. They may even do so to intimidate or impress those they seek to do business with.
Trade references. It happens quite often in business that a prospective client may require trade references. There is a temptation to disclose some trade references without first seeking clearance from clients.
Weak internal policies and practices on confidentiality. Some business do not have strong internal policies and practices on confidentiality.
As a result there may a culture of unapproved disclosures. This may even extend to unsecured filing of hardcopy documents or softcopies.
Imprudent use of the social media, even for marketing, may result in the leakage or release of confidential information.
Insecure storage of hardcopy or softcopy client information. Facilities that are exposed to the public. These facilities or offices may expose well known people to the public and hence speculation on their affairs.
How to ensure confidentiality of information
There are many ways to mitigate the risk of breach of confidentiality in business. Some of them are explained hereunder.
Non- Disclosure Agreement (“NDA”)
It is common for parties to a business arrangement to sign an NDA before disclosing confidential information to each other. An NDA may also be combined with a Non – Circumvention Agreement (“NCA”).
An NDA usually includes aspects such as:
- Parties to the NDA,
- Interpretations or definitions,
- Definition of what constitutes confidential information,
- Non- disclosure, basically limiting unauthorised disclosure to a third party,
- Breach, consequence of breach, dispute resolution.
- Confidentiality clauses in contracts
Many contracts include a clause on confidentiality, its breach, consequences and resolution thereof.
Due diligence on a party
Before entering into a business arrangement it is important to carry out due diligence on a party including its attitude towards confidentiality.
Most professionals who belong to professional bodies are bound by their professions’ ethical requirements.
Secure facilities or offices
Facilities or offices have to be in an environment that allows for handling of confidential business arrangements. This can be done for example at the consultant’s facilities, client’s facilities or secure neutral meeting place.
Confidentiality policies and procedures. It is advisable for businesses to design and implement policies and procedures on confidentiality.
Some organisations even include that in their Code of Conduct by making violation an offence. Businesses should decisively deal with internal cultures that violate confidentiality by their officers or staff.
Communication of confidential information
Confidential information should be communicated through secure means. Where possible make it difficult to share. For example emails and whatsapp chats are usually forwarded or revealed to third parties.
Confidentiality is a major factor in business. It brings about peace of mind, trust and more business.
Godknows Hofisi, LLB(UNISA), B Acc(UZ), CA(Z), MBA(EBS,UK) is a legal practitioner / conveyancer, chartered accountant, corporate rescue practitioner, and consultant in deal structuring and tax. He writes in his personal capacity. He can be contacted on +263 772 246 900 or [email protected]