PDF download Download Article
Protect your clients' most sensitive information with these simple tips
PDF download Download Article

Whether you’re an entrepreneur or an educator, protecting sensitive information is a priority. For some industries, such as healthcare, there are strict laws and ethical codes that govern private information. Since private information is routinely stored electronically, any conversation on confidentiality must cover cybersecurity. While codes, laws, and technology are complex topics, the foundation of confidentiality is simple: awareness. Always be conscious of your actions, aware of your surroundings, and informed about your responsibilities.

Method 1
Method 1 of 3:

Protecting Confidential Information

PDF download Download Article
  1. Don’t leave private documents unattended, whether you’re a nurse, lawyer, or an employee handling your company’s confidential material. Remain aware of where the materials are and who can access them. When disposing of confidential documents, do not merely use a single paper shredder, as the shredded paper can be re-integrated. Try to shuffle the documents and then process documents at several paper shredders. If you tend to destroy confidential documents in bulk, contact confidential recycling company on site. [1]
    • For example, if you’re a healthcare professional, don’t leave a patient’s medical records unattended on a cafeteria table or in a reception area.
  2. In addition to securely storing confidential materials, ensure they’re protected from damage. For instance, irreplaceable vital documents should be stored in fireproof, waterproof safes or cabinets.
    • When you leave a secure room, make sure drawers, cabinets, and doors are locked. To avoid accidental breaches, get in the habit of double checking every handle before you walk away from a storage unit or door.
    Advertisement
  3. Always be aware of your surroundings whenever you talk about private information. Discuss sensitive information in a private setting, and make sure only authorized personnel are within earshot. [2]
    • When you have to confer with a colleague about a patient or client, discuss only the necessary details. Depending on your location and industry, you might be legally required to withhold or change any identifying information.
    • If a client or patient calls you, head to a private location to talk. Unless it’s an emergency, avoid discussing confidential over the phone. Discuss scheduling issues over the phone, for example, but save sensitive information for a face-to-face conversation.
  4. Regardless of your role or industry, you’ll most likely sign a non-disclosure agreement at some point in your professional career. Always read any contract carefully before agreeing to its terms. [3]
    • If you’re an employee, make sure you understand terms such as using your company’s intellectual property within certain bounds or not discussing operations with family and friends. Report to your manager if you need to access to confidential documents, if necessary.
    • If you operate a business, you’ll want to secure any confidential information you need to exchange during transactions, negotiations, and other occasions. For instance, if you’re presenting an invention to a potential investor, it’s wise to have your lawyer draft a non-disclosure agreement to ensure your intellectual property won’t be used without your consent.
  5. Advertisement
Method 2
Method 2 of 3:

Complying with Privacy Laws

PDF download Download Article
  1. From healthcare professionals to educators, each profession has its own ethics codes on confidentiality. Furthermore, laws that govern confidentiality vary by location, and industries are regulated in different ways. [4]
    • While ethical and legal obligations can get complicated, not knowing them won’t be an excuse if you accidentally breach them. Your employer or professional organization should provide resources on ethical and legal compliance.
    • If you’re not sure about a situation that could lead to a potential ethical or legal pitfall, don’t do anything without doing your homework. Consult your profession’s code of ethics, look up applicable local or federal laws, get advice from a trusted colleague (without disclosing private information), or contact your professional organization.
  2. If you handle confidential information for a client or patient, you’re most likely ethically or legally bound to make sure they understand their privacy rights. Tell them what information is recorded, how it’s stored and for how long, and how it’s used. [5]
    • Ask them if they have any questions about how information such as medical or legal records are stored and used.
    • Additionally, inform them of the limitations of their right to privacy. For instance, if you’re a therapist, inform your patient that you’re obligated to report if they threaten to harm themselves or others.
  3. When 2 laws interact, 1 takes precedence over the other. In general, comply with the law that offers stricter privacy protections for a patient or client. [6]
    • Suppose you’re a psychologist in New Hampshire and you’ve received a subpoena requesting information about a patient. New Hampshire (NH) state law and the Health Insurance Portability and Accountability Act (HIPAA) both govern how providers handle patient records, but vary when it comes to disclosing patient records to legal authorities.
    • Since NH law requires a court order or patient consent, rather than a subpoena alone, it offers stricter protection than HIPAA. In this case, you’d be breaking the law if you complied with the subpoena.
  4. Make sure any other entities that you do business with understand privacy laws that regulate your industry. Check their history of compliance, and steer clear if you find any violations in their history. [7]
    • For instance, suppose you’re a doctor or counselor running a private practice. Research all associates you hire or services you retain, including billing specialists, medical staff, insurers, labs, and internet service providers. If someone on staff or a service you use mishandles confidential information, your practice could lose its reputation and suffer legal consequences.
    • Title 13 in the United States Code mandates that all of the data collected by the Census Bureau is confidential. [8]
    • There are all kinds of legal restrictions, so it cannot share the data. [9]
    • But there are no restrictions for Facebook and Google. They can share their data. [10]
  5. Sometimes, you’re legally obligated to disclose information that would otherwise be confidential. For instance, if you’re a healthcare professional, you’re required to contact the authorities if a patient tells you they plan on harming themselves or others. Failure to do so could land you in legal trouble and jeopardize your professional certification. [11]
    • Additionally, patient or client records might be requested by subpoena, court order, or warrant. If necessary, disclose only the information specified in the legal demand. For instance, if a court order requests information about a specific injury, don’t disclose records about an illness they had as a child.
    • Keep in mind that attorney-client privilege takes precedence over legal demands, such as a discovery request or ordering a lawyer to testify under oath. [12]
  6. Advertisement
Method 3
Method 3 of 3:

Securing Electronic Information

PDF download Download Article
  1. Install and update antivirus and anti-malware software. The first step to safeguarding electronic data is to keep your antivirus software updated. If it’s not updated, you’re not protected from the latest online threats. [13]
    • Additionally, make sure you and anyone you work with use the internet safely. For instance, don’t click on suspicious links or open email attachments from unknown senders.
  2. More data is compromised due to shoulder surfing than computer viruses, but it’s an often overlooked aspect of cybersecurity. [14] Make sure monitors, computer screens, and other devices that display confidential information are visible only to authorized personnel. [15]
    • For example, if you own a small restaurant, don’t leave your laptop open on the bar with your financial information visible. If you’re a doctor, make sure patients can’t see screens that display personal information from the waiting area or reception desk.
    • It’s also wise to use privacy screen savers and password-protected lock screens.
  3. Always make sure you’ve correctly entered an email address or fax number before sending any documents that contain sensitive information. If think you might have a letter or number wrong, call the recipient to verify their contact information. [16]
    • Additionally, review your industry’s code of ethics and local laws to make sure you’re allowed to send a given confidential document.
  4. private electronic data whenever possible. Even if you’re not legally required to encrypt electronic data and communications, you should still consider it. Look into hiring an IT security specialist to develop a secure portal through which you can communicate with patients or clients. [17]
    • If you’re a member of a professional organization, they might partner with a company that specializes in secure communications for your industry. You might be able to hire that company at a discounted rate.
  5. Advertisement

Expert Q&A

Ask a Question
      Advertisement

      Tips

      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!

      About This Article

      Thanks to all authors for creating a page that has been read 126,709 times.

      Reader Success Stories

      • Jim Hawkings

        Jun 5, 2019

        "OMG, this is brilliant!"
      Share your story

      Did this article help you?

      Advertisement