From the desk of: Sam C. Chan

General Confidentiality & Email Related Issues

July 27, 2002   (this is a "declassified" internal memo)

To:    Vicky Tankard

From time to time, you might want to forward my messages, including official memos to clients. I want to remind you of the confidentiality issues...

Some of our correspondence are confidential in nature. As with all companies, our policy is to pass on information based on strict right-to-know + need-to-know basis. i.e. Jackie doesn't have the right-to-know the root password for FELI, as she's only a junior staff and lacks that level of security clearance. Since she's handling the web dev proj for SOD acct., she should be given the login info to SOD only, not the rest of the clients, even though she does have general clearance for client info. She does not need to know about M or in this instance.

The consequences of breaching confidentiality range from shear personal embarrassment, to catastrophic financial losses, to legal liabilities. Obviously we need to and want to protect our own information. We are also under legal and moral obligations to preserve confidentiality of client information.

Let's address the process of forwarding email specifically:

 Refrain from forwarding email from the folder level.

When you right click and forward a message from a list, it's all too easy to be off by one line and inadvertently send the wrong one. There's also no warning that the info is confidential. Instead, open the message to preview and confirm that it's the intended content. Only then click forward from within the message. If the message is flagged confidential, there's a prominent yellow banner from Outlook announcing it.

Another related issue is attachment procedures. Our policy dictates that you must open up each attachment from within the outgoing email, after you attached them, and just prior to sending. This will give you a final chance to review and confirm they're indeed the right files and versions.

When sending confidential email, you should set the sensitivity before proceeding to compose it, as you would certainly forget by the time you finish. The subject line should be prefixed with MEMO-C as redundant safeguard.

S

Copyright @2005-2006   Bravo Technology Center  *  Bravo:GO  *  Contact Us