Every employer of Labour, particularly business ventures, values the privacy of company secrets and procedures, as expected; employees in such a company must maintain some standard of confidentiality. Arguably, it is challenging to understand when that trust has been violated, because the breach of confidentiality definition can be a moving target. Wherein employees have signed a confidentiality agreement, then the breach of confidentiality definition is easy to understand. But confidentiality in employment is implicit, regardless of whether employees have signed an agreement. By implication, employees are not to disclose proprietary information or data about the employer’s company to a third party without employer’s consent. Where an employee violates this explicit or implicit agreement, the penalty for breach of confidentiality can be Spartan.
Understanding Confidentiality Agreements
A breach of confidentiality occurs when data or information provided in confidence to you by a client or employer is disclosed to a third party without your client’s or employer’s consent.
A confidentiality agreement is also known as a non-disclosure or secrecy agreement. These agreements are used to protect company secrets, processes, products, trademarks, and patents.
In an event where information is disclosed to someone without the consent of the person or persons who owns that data, a breach of confidentiality is said to have occurred. For instance, if a management or business consultant were to put together a document using confidential information from a business they are consulting for, then email it to a different client by accident, that would be a breach of confidentiality.
Importantly, breaches of confidentiality do not necessarily need to occur following a mistake or premeditated event. Wherein you have sensitive information on your computer or an archive, and that computer or file is stolen, that situation arguably amounts to a breach of confidentiality.
Upshot of Confidentiality Breach
A breach of a confidentiality agreement results in serious consequences to the parties involved. The actions that can be taken and possible consequences include:
Employees can also be subject to a civil suit for breach of confidentiality. For instance, wherein a doctor working as an employee in a healthcare clinic, discloses medical information to a person not authorized to receive that information, the breach of patient confidentiality consequences could include a civil lawsuit for medical malpractice. Healthcare privacy is essential, not only to protect a patient’s right to decide who has access to sensitive information but also to protect doctors and other healthcare professionals from malpractice claims. Breach of patient confidentiality consequences can include a sizeable award for damages and a loss of reputation for a doctor or healthcare clinic. To guard against these types of breach of patient confidentiality consequences, many healthcare businesses purchase malpractice insurance as the case may be in that jurisdiction.
As a way of seeking remedy for breach of confidentiality against the violating party, an injunctive relief must be filed in order to have the court stop the party in violation from continuing their actions. Then, evidence of the breach should be gathered to show there has been irreparable harm. The language of most confidentiality agreements states that any breach would be seen as causing irreparable harm.
If an employee confidentiality agreement has been breached, the employer may receive monetary damages from the employee. If the damages can be calculated, the employee may be responsible for the entirety of the loss. For example, if an employee has sold trade secrets to a competitor, loss of market share and revenue may be calculable. The employee may also be responsible for punitive damages.
Loss of Business Clients and Relationships
- Wherein businesses share services with other businesses, confidentiality agreements are used as a way to protect company secrets, operations, and more.
- If a breach or violation of the agreement occurs, there can be severe consequences on the business and professional reputations and the loss of current and future clients.
- The person guilty of the breach may find themselves blacklisted, which can result in the inability to conduct business.
- The guilty person, who may work in a niche industry, may gain a long-lasting or permanent bad reputation, making conducting business impossible.
- Any future employers will see the guilty person as a potential liability if they are hired.
A prima sanction for breach of confidentiality is termination of employment. This is especially true if the employee in question signed a confidentiality agreement prior to starting the job. The employee confidentiality agreement will always state that the employee who breached or violated the contract will be fired, in other words, an employee who signs this type of agreement agrees that a violation of confidentiality is also a violation of the employment contract. It will also include the stipulation that seeking monetary damages will be pursued. Firing the employee can take place even if an employment contract is in place. The breach will most likely also violate the employment contract. The penalty for breach of confidentiality is not restricted to employees who have signed confidentiality agreements, however. For example, (as earlier stated) if the company in question is a computer security company and an employee’s laptop is stolen, and that employee did not encrypt sensitive data on that computer per company policy, it could constitute a breach of confidentiality.
Employment confidentiality agreements are used by many companies, including those in marketing and advertising products. In some situations, the breach of confidentiality will be severe enough to include criminal charges and possible incarceration.
Criminal charges can occur when the breach of confidentiality has severely affected the company.
Defending against criminal charges is another possible employee consequence for breach of confidentiality. Such a charge is typically reserved for serious or extreme cases in which the breach caused significant financial, physical or emotional loss. For instance, if an employee’s breach of confidentiality involved theft of employer’s proprietary information or intellectual property that was later used for financial gain, criminal charges may be warranted. Theft is a violation of criminal law that in some instances can be punishable by a stiff fine or imprisonment. As a business owner, you would report the theft to law enforcement, and the state or federal government would charge the employee with the crime.
How to Protect Against Breaches of Confidentiality
These days, most people who come into contact with a business, whether as an employee or freelancer, will have access to confidential information.
There are steps both business owners and freelancers can take to minimize the risk of confidentiality breaches. Here are some of the main ones.
- Must ensure everyone coming into the business, either as an employee or freelancer, has training on the employer’s security process.
- The employer must have a written confidentiality policy in place and make it easily accessible.
- Manage access to folders to keep out unauthorised employees and freelancers.
- The employer must set up permissions for work emails so that only certain people can read and reply to emails in shared inboxes.
- The employer must encrypt as much of the company’s sensitive data as they possibly can, especially on removable storage devices (such as USB sticks and external hard drives).
For freelancers and other contractors;
- Must keep client files somewhere with password protection and enable two-factor authentication.
- Never connect to non-private networks (such as WiFi in cafes) when accessing client data.
- Encrypt as much of your sensitive data as you can, especially on removable storage devices (such as USB sticks and external hard drives).
- A freelancer or contractor may advisably, purchase professional indemnity insurance just in case the worst happens and you suffer a data breach.
What to do if a Breach of Confidentiality Happens
Sometimes, despite a party’s best efforts, the party might breach confidentiality, or have his/her confidentiality breached.
The outcome of breaching confidentiality can vary; sometimes an apology can be enough for a client/employer, however if they have suffered a loss, legal action may follow. The costs just to defend the claim can be expensive, before factoring in settlements or court costs, which is why professional indemnity insurance is generally seen as vital cover for professionals working with confidential information.
Whether you are an employee, employer or freelancer, you should read over your contract to see exactly what it says about confidentiality breaches and then contact your legal representative, who will be able to advise you further.
Please note this article is just a guide, and it is not intended to serve as a legal advice. Kindly seek proper counsel on the subject from a Legal Practitioner.