Confidential Data Policy

The Confidential Data Policy identifies what information the company considers "confidential" and specifies how that data should be handled.  It covers such topics as access, encryption, and transmission over the network, third-party access, and more.  This policy is useful in securing confidential data in its many forms: credit card information, patient information (PHI), customer information, company confidential information, and more.

Confidential data is often the data that is most valuable to the company, and often to others as well.  Thus, this data must be handled with special care.  The Confidential Data Policy (used in conjunction with the Data Classification Policy) details exactly how this is to occur.

A Confidential Data Policy developed with the application will include the following detailed sections:

1. Overview
2. Purpose
3. Scope
4. Policy
    4.1. Treatment of Confidential Data
        4.1.1. Storage
        4.1.2. Transmission
        4.1.3. Destruction
    4.2. Use of Confidential Data
    4.3. Security Controls for Confidential Data
    4.4. Examples of Confidential Data
    4.5. Emergency Access to Data
    4.6. Applicability of Other Policies
5. Enforcement
6. Definitions
7. Revision History

Available in the Gold Package only, this is a policy that is intended to be used by technical staff and management as well as distributed to end users.

Your custom Confidential Data Policy will be delivered immediately upon completion of the wizard via email, as both a PDF and an RTF file.  RTF files are editable in all major word processing programs, including Microsoft Word.

Our security policies were written based on a cohesive and integrated approach using security best practices stemming from the C-I-A triad of confidentiality, integrity, and availability.  This approach aligns with both real-world and industry standard-based objectives, resulting in an invaluable resource for your security policy management.  A confidential data policy Policy developed with the wizard will provide the foundation for a realistic, practical implementation of your IT security policy program.

Please contact us if you have any questions about this policy. has delivered thousands of IT Security Policies to companies from 5 to 50,000 employees.  The management of has over 20 years of successful experience in the field of information security.

Buy Now