Let’s imagine the following headlines:
“Data leak probing company XYZ due to stolen computers.”
“Third-party company relying on company XYZ has lost personal details of around five thousand individuals due to an act negligence.”
“Fast growing service provider fails to secure its own organization in a proper manner.“
“Company XYZ employee found a second exciting source of wealth: selling valuable client information to competitors.”
In today’s society people are encouraged to act in a ‘fast and furious’ way. But let’s all prevent fatal car crashes since we sometimes tend to lose an oversight of some basic principles and hygiene that need to become part of ourselves and our company culture.
One of these main principles is your current approach towards data coming into your direction.
We are all ‘aware’ (in a dormant manner) of the existence of phishing e-mails. These mails claim to act in the capacity of a legitimate company and provide a convincing message in order to scam you into handing over private or confidential information. But you need to realize that phishing scams can have shocking consequences, since they are used for identity theft, corporate theft or financial theft. Phishing attacks become more and more sophisticated.
You do not want to wake up and observe that your bank account has been emptied.
So use your common sense before handing over sensitive information.
Confidential information is a set of data that is not generally known to the public and would normally not be available to competitors (e.g. manufacturing methods, customer lists, financial data, business plans and price lists), unless illegal or improper methods have been applied.
But also gross negligence can lead to a significant leak of confidential data.
Confidential information – again some corporate blablabla?
Did you ever take a moment to think about the consequences of leaving your USB stick (with confidential data) on your desk, leaving your laptop in the car, having a telephone conversation with the client while using public transport?
What would be the impact should you not treat (personal and corporate) confidential information in a diligent manner?
Not only you but also your company could suffer a ‘massive breakdown’. Please keep in mind the costly law suits, the loss of clients, reputational damage, loss of employment, financial breakdown … that could occur.
In that context I would like to stress out that in essence all employees are subjected to a general obligation, both during the employment and after its termination, not to disclose trade secrets, business secrets and /or personal secrets of which they have learned in the course of their work1.
Most employment agreements also foresee specific clauses enforcing employees to act in strict compliance with their duty to respect their confidentiality obligation.
In the event of (reputational) damage caused by an employee due to non-compliance with the confidentiality obligation employees can be judged liable if they are guilty of deliberate fraud, gross negligence or have committed a serious offence.
Please keep in mind that any exposure of confidential data can have a detrimental impact for you and your company. So handle them at all times in a more ‘sensible’ manner in order to avoid fatal accidents.
1Article 17(3)a of the Contracts of Employment Act of July 3, 1978