iQuda Staff Confidentiality Code of Conduct
Date of this version: 05/10/2016
All staff working for iQuda Ltd have a legal duty to keep data/personal information confidential. Clients who believe their confidentiality has been breached may make a complaint to iQuda Ltd and they could take legal action. The Information Commissioner (iQuda Ltd ICO Reference ZA156764) could also fine iQuda Ltd if confidential data is not kept secure.
This Staff Confidentiality Policy has been produced to ensure all staff members at iQuda Ltd are aware of their legal duty to maintain confidentiality, to inform staff of the processes in place to protect personal information, and to provide guidance on disclosure obligations.
Personal information is data in any form (paper, electronic, tape, verbal, etc) from which a living individual could be identified, including name, age, address, and personal circumstances, as well as sensitive personal information like race, health, sexuality, etc.
This code applies to the handling of any and all personal information relating to:
- • Our clients, their organisations (Stakeholders), data and their staff (Data Protection Act 1998)
- • iQuda Staff and all iQuda related data and information.
- • All information iQuda processes.
The code is compulsory for all staff including permanent or temporary.
4. Recognise your obligations
A duty of confidence arises out of the common law duty of confidence and employment contracts, it is part of your professional obligations. Breaches of confidence and inappropriate use of records or computer systems are serious matters which could result in disciplinary proceedings, dismissal and possibly legal prosecution. So, make sure you do:
- • Ensure that personal information is not at risk of unauthorised access. This means you should:
- Lock confidential papers away when you are not working with them
- Ensure that your desk is clear of paperwork at the end of the day. iQuda operates a clear desk policy.
- Close computer screens if it is possible for other people to see personal/customers information that you are working on and always when you leave your desk, even temporarily
- Never knowingly misuse any personal/customers information or allow others to do so;
- Never access records or information that you have no legitimate reason to look at. This includes records and information about our customers and any of their staff/stakeholders.
5. Keep personal information private
Make sure you comply with the following staff guidelines which set out practical things you should do to keep personal information protected:
- iQuda IG Overarching Policy (Q203));
- Use of passwords (iQuda IT Password policy (Q204))
- Appropriate use of computer systems (iQuda Acceptable Use Of Assets (Q210);
- iQuda Information security policy (Q201)
- iQuda Data Protection Policy (Q211)
6. Requests for information
It is the intention of iQuda Ltd to operate with transparency. We therefore commit ourselves to disclosing the information we hold about our clients, to the client the information pertains to, at the request of the client. Information cannot be disclosed to other persons, unless we are required to do so by law. Requests for information disclosure must be made in writing to be reviewed by Managing Director Anthony Jones. We are committed to responding to requests within 30 days from the date the request is received. We may charge a fee for information requests.