Ten blog korzysta z plików cookies na zasadach określonych here

Data under strict control

How the company can be secured against the situation when a worker (e.g. while changing the work or setting up his own business) copies data base, contacts, documents, etc.? How the entrepreneur can secure himself against that kind of practices and in which way can claim its rights, if such a situation nevertheless arises?

More and more, the biggest value of the company doesn’t lie in the material assets or in the gathered funds, but in the information, especially in clients data base, economic and statistical data or technology documentation. As a rule, the more information retains its exclusive and confidential character, the more valuable it is. Hence, protecting against information leakage is becoming one of the most important challenges for modern companies. Besides the physical and technical measures, can the legal solutions help us with this?

Mark and introduce proper clauses

The proper marking is the first step to legal protection of confidential data.  According to regulations about fighting against unfair competition, entrepreneur is entitled to claim the protection and request compensation for breach of confidentiality of its data, provide that he took appropriate steps in order to secure it. In consequence, if the clauses, wording or context don’t show clearly that the information is confidential, contractor or firm worker may consider that there are not any obstacles to spread it. In order to avoid ambiguous situations, we should include the confidentiality clause in crucial documents and determine the procedure which indicates who and when is obligated to insert it. Additionally, in order to protect data which are on the process of formation, and have not been covered by appropriate clause so far, it’s worth to create internal statute, which describes categories and way of proceeding with the most sensitive data which are currently developed in the enterprise.

The second step is the introduction of proper provisions  in the contracts signed with the firms and workers who have the access to company secrets. The threat of high monetary sanction can effectively  prevent from neglecting in data protection as well as from theft premeditation acts. It is worth to know that kind resolution may be applied to all workers, regardless their form of employment is. Admittedly, the labour code includes many restrictions on financial responsibility of the worker, however, this limits don’t concern intentional faults. It may seem there aren’t any obstacles to stipulate in the employment contract that kind of penalty, on the condition that it will be limited to the situation of intentional data disclosing.

Monitor the data and information flow

The third step for the entrepreneur who takes care of his data is monitoring the flow of data and operations carried out on data. In the case of infracting the secrecy, it is not possible to draw the consequences if we are not able to provide evidence that unambiguously indicates the way and the person responsible of leaking. However, it is important to remember that monitoring of physical persons, including pictures, determination of localization, or tracking of correspondence, constitute a serious interference in their private zone. In order to legalize that kind of movements, prior analyse is crucial. We have to know if they are restricted to the minimum, correspond with the information weight and with the scope in which particular person has the access to it.

Another crucial condition is previous, clear informing about monitoring, methods, time and range, persons who are involved. If the monitoring is introduced during cooperation with the person, it is important to obtain approval in the form of appendix or separate declaration. It is worth to underline that implementation of monitoring (as well as lack of consent for monitoring) is an important change in law and obligations between parties of the contract and generally may be a sufficient base for giving in notice to the other party of the contract.

Applying law methods described above about data protection decrease the chance of developing issues in that subject. Moreover, even if such kind of infringement occurs, the entrepreneur will have the proof and tools which allow him to take effective actions against the infringers.

There are many methods to claim the rights in such situations, starting with civil claim and finishing with sanctions resulting from competition law and described in penal code. The decision about choosing the proper one depends on the specific situation and normally is a complex matter, therefore it’s an accurate decision confide it to the specialist.

#clients data base #economic data #protection of confidential data #statistical data #technology documentation

Would you like to be informed about the latest blog posts?

  • - Just provide your e-mail address and receive notifications about the latest posts on the SKP/IPblog blog directly to your inbox
  • - We will not send you spam messages

The administrator of your personal data is a SKP Ślusarek Kubiak Pieczyk sp.k. with its registered office in Warsaw, at ul. Ks. Skorupki 5, 00-546 Warszawa.

We respect your privacy, therefore the data provided to us will not be processed and made available outside the SKP for purposes other than those included in the Terms of Service. Detailed provisions regarding our IP Blog, including a catalog of your rights related to the processing of personal data, can be found in the Privacy Policy.