Businesses of all sizes use confidentiality policies both in their employee handbooks and as part of standard human resources paperwork in the hiring of contractors and regular employees. The exact nature of the confidentiality policy will vary significantly based on the needs of the business. For example, an intellectual property law firm will likely have a much more detailed confidentiality policy than a shoe store, but all organizations need such policies to protect themselves in a competitive modern business environment.
Confidentiality Policy Versus Confidentiality Agreement
A confidentiality policy is a general statement of the company's policies and expectations regarding confidentiality for everyone associated with the company. An employment confidentiality agreement is an explicit legal contract, or a clause within an employment contract, that is signed as part of the hiring process. The agreement details what information must be held confidential and for how long. Employees working at different positions in a company might well have different confidentiality agreements, based on their work duties; employees working on a contract basis might have specific confidentiality clauses in their employment contracts.
Why Have a Confidentiality Policy?
Confidentiality policies exist to protect the private information of employers. A large computer chip manufacturing company obviously has some valuable intellectual property and proprietary manufacturing processes to protect, for example, but smaller businesses also need to protect sensitive information relating to their operations. Think about client or customer lists, or the "secret recipe" for your best-selling chocolate chip, toasted walnut cookies, for example. Violations of a confidentiality policy, aside from termination of employment, can lead to a civil lawsuit against the violator for the breaking of contractual obligations.
What to Include
What to include in a confidentiality policy depends a great deal on the needs of the business. Most larger business confidentiality policies forbid the discussion of salary and benefit information as well as any and all commercial or trade secrets and/or company financial information. Usually the categories of potential confidential information are spelled out in detail for larger businesses while smaller businesses might have a shorter list or be able to just slightly modify a boilerplate confidentiality policy.
What Not to Include
Do not make the confidentiality policy so strict that it violates employees' free speech rights or Section 7 rights, the freedom to organize unions in the workplace. Some legal cases have been heard involving overly restrictive anti-fraternization policies; in these cases, the National Labor Relations Board struck down the companies' confidentiality policies as too restrictive, and courts validated the NLRB's decision on appeal.