From the first pre-employment interview, your company will accumulate information about its employees. The longer they work for you, the more information you will have, which increases the risk of leaking something confidential. Confidentiality is covered by a mix of federal and state laws, and a number of court decisions, but there are basic principles you can follow that will lower the risk of breaching confidentiality.
Medical information is particularly sensitive, the Nolo legal website advises, and you can only divulge it in certain circumstances, such as to insurers or to medical professionals providing emergency treatment. Your company should make extra efforts to keep medical files private by filing them separately from other personnel records. If you offer health insurance, you might have to appoint an employee as privacy official to oversee the security of medical records. Even if the information stays within the company, office gossip about confidential matters such as drug treatments or illness could lead to legal trouble.
Need to know
You can minimize the risk of a breach of confidentiality by minimizing how much information your company gathers. Don't solicit information or keep it in your files unless it's information you have to have. Limit access to the information to members of your staff who need to know it and be careful about divulging it to outside parties. If you're contacted by a law enforcement agent or an insurer asking for information, ask for proof of her identity before cooperating.
Information such as Social Security numbers that could be used for identity theft should be protected carefully. Writing in "Connections Magazine," Rachel Kuntz states that personnel files contain a lot of data usable for identity theft. For that reason, files that show Social Security numbers, bank information for direct deposit and similar data should be closely secured, with access available only to the individuals such as human-resources employees who need to know it for their jobs.
Your company will be better off, according to "Business Management Daily," if it treats confidential information as an employee's property. The appropriate employees should be allowed to know confidential information for business purposes, but that doesn't mean they can treat it casually or abuse it. If a supervisor learns something personal about an employee during a performance review, they shouldn't divulge it, even to their coworkers.