Confidential Information

A Confidential Information policy sets clear expectations for protecting your organization's non-public business information and third-party data during and after employment, while preserving employees' legal rights to report concerns, cooperate with investigations, and discuss wages and working conditions as protected by law.

How to Write a Confidential Information Policy

• Start with "why" and the purpose behind keeping certain information confidential.
• State the core rule that employees must protect confidential information during employment and after it ends.
• Define confidential information at a high level and give a few representative examples.
• Set an expectation to use caution and limit access, use, and sharing to legitimate business purposes.
• Explain how employees should handle uncertainty by treating information as confidential until clarified.
• Describe consequences for improper disclosure, including workplace discipline and potential legal exposure.
• Cross-reference any separate confidentiality or non-disclosure agreement as the controlling source for detailed obligations.
• Include a rights carveout stating the policy does not limit legally protected activity (including whistleblowing and discussing wages and working conditions).

For advice on writing a Confidential Information policy in a specific jurisdiction, see below.