Your Resources
Employers – are you taking steps to protect customer information?
There are many businesses that collect sensitive personal information about customers. It is timely for all businesses to remind themselves of basic steps they can take to protect customer information.
Pro-active employment policies
We recommend employers adopt pro-active policies and workplace rules. As with all workplace policies, these should be communicated clearly to all employees.
Suggested policies may include rules such as:
- Sensitive information is not to be released without consent.
- Rubbish is to be securely disposed of.
- Email addresses must be carefully entered.
- Email tails must be deleted before emails are sent on, or replied to.
- Technology must be logged out of when employees leave work.
- Portable devices with client information on them should be protected by passwords or encryption.
- Clear guidelines on where and how information can be accessed remotely.
- Alarm codes, passwords, and security details must be protected.
Protections within employment agreements
Customer information can also be protected through well-drafted employment agreements.
We recommend as a minimum:
- Employees agree to protect confidential information through a clause in their employment agreement or through a subsequent confidentiality agreement.
- Employment agreements acknowledge that the employee is aware of, and agrees to comply with, the employer’s workplace policies.
- The employee should agree to return corporate devices on the termination of their employment.