Page 27 - PWM_DECEMBER2022 EBook
P. 27
TECHNOLOGY REPORT
employment. Hiring employers beware that “every member of staff attends
What should be worrying for employ- Experience and depth of knowledge are key attributes that an induction training at the start of their
ers is detailed by Stevens. He says that employer will seek in any new hire. And it’s possible that incom- employment which covers all company-
“confidential information can become ing employees will have captured confidential information from wide security procedures and policies”.
part of an employee’s necessary skill and their former employer. But as Pope explains, it “will usually be the The process pays particular attention
knowledge, and, in those circumstances, subject of restrictions and new employers may find themselves to confidentiality and what is expected
employees are entitled to use that skill subject to duties of confidentiality that prevent them from using it from staff. But prior to employment,
and knowledge when they leave and in a useful way for their business – even if it is of a great commer-
work for another company or competi- cial benefit.” Ruda says that “all applicants go through
tor”. However, an employer can try to The problem, says Stevens, is that skills, knowledge, experience a rigorous vetting process including
stop them from doing so by way of a and general know-how gained during employment can often be Police Act Disclosures (repeated every
post-termination restrictive covenant. regarded as belonging to the employee – more often than not “dif- two years), a verbal reference from a pre-
Practical steps ficulties arise when employee divulges more specific information vious employer, two written references
There are, however, practical and pre- or uses contacts from their previous employment.” from previous employers (covering a
ventative steps that employers can take And there is case law on the subject detailed by Pope: the 2021 five-year history), proof of identity and a
to protect confidential information. For case of Trailfinders Ltd v Travel Counsellors Ltd & others. Here 40 credit reference.”
Pope, this means identifying what is sales consultants at Trailfinders left to join a competitor which Beyond that the company issues regu-
important, protecting it, training staff encouraged them to bring their customer contact lists; the con- lar training questionnaires with a focus
on the importance of protection, and sultants weren’t warned that this might lead to a breach in confi- on cyber security, data management and
monitoring for any breaches. dence. GDPR. Further, there is regular training
On the first, identification, Pope says Pope highlights that “the Court of Appeal held that the competi- and testing on data security “and our
that firms should pinpoint the confiden- tor was in breach of an obligation of confidence. Even though it people receive annual refresher training
tial information that it owns. This may was not explicitly made aware that the information was confiden- covering the stringent requirements of
include intellectual property, such as tial, it ought reasonably to have known that it was or, if unsure, it ISO 27001, with the principal focus on
Defend your data it may be as simple as a list of client in adverts or in interviews that confidential information is wel- information security.”
should have made enquiries as to whether it was”.
marketing information and its brand, or
So, to minimise the risk of trouble, firms should never suggest
Ruda recognises that statistically users
names and contact numbers. He adds:
“Once identified, that information
landscape, as a result, the company regu-
Anything otherwise could result in a claim against the firm for
should be appropriately labelled with comed. Also, material in their possession should not be used. are the weakest point in the security
‘confidential’ or ‘not to be disclosed losses. Similarly, incoming employees should be asked to confirm larly runs internal ‘phishing’ exercises to
externally’, securely stored, and handled whether they have any restrictions in their previous employment familiarise staff with the ways scammers
accordingly.” contract that will impact on their new role. Lastly, Stevens has can dupe individuals into disclosing sen-
Stevens is of the same view and sug- seen previous employers seek to protect information through the sitive information. The company is for-
gests that firms make it clear to employ- courts, which could include issuing an injunction in order to tunate to, as Ruda comments, have a
ees when information is sensitive by restrain the use of the information: “A previous employer may very low turnover of staff. But when staff
marking emails or documents as ‘confi- seek damages or an account of profits from the employee and/or leave, he says that they are subject to exit
dential’. He would also ensure that cer- the new employer. There are also risks associated with the use of interviews that “explain the ongoing
tain key information is circulated to confidential information which is otherwise protected.” implications of company confidentiality.
limited numbers of employees only. Registered copyright or a patent is a good example which firms
The key benefit here for Pope is that will want to prevent a former employee – or a new employer – We also have a comprehensive account
“understanding which employees have from using in the future. closure procedure in place to ensure that
access to information will assist when it In summary data is dealt with according to require-
comes to justifying the employment ments”.
contract protections that need to be put Confidential information is by its very nature valuable, and Ruda emphasises that the company
in place”. firms should take great care to protect it against loss and misuse. “has invested heavily to ensure confi-
Next comes the need to protect data Similarly, employers should ensure that they are not put in a posi- dentiality and minimise the risk of data
through contracts and policies to ensure tion where they might be accused of abusing another’s protected leakage.” To illustrate this, he explains
there is a legal disincentive against infor- information. that email and data are monitored for
mation and intellectual property being CASE STUDY certain words and number sequences to
poached. detect any anomalies. Ultimately, Ruda
For Stevens, an obvious way to do this TALL Group
is to put in place effective security meas- Martin Ruda, group managing director of the Tall Group, says says that for the security print industry,
ures for information such as password that all of the company’s employees are made “very aware that the integrity of data is of the highest
protection and encryption. security and confidentiality is of paramount importance”. He adds importance for all organisations.
www.printweekmena.com December 2022 PrintWeek MENA 27