MAINTAINING CONFIDENTIAL INFORMATION

Share:

INTRODUCTION FOR MAINTAINING CONFIDENTIAL INFORMATION 

Confidential information can be as small as a fingerprint or as big as a business plan. It’s the details of an internal investigation or a secret ingredient for success. One breach or careless mistake can put an entire organization at risk. Do employees know how to protect confidential information? Are they aware of the potentially devastating consequences of failing to keep it safe?

Confidential Information identifies key pieces of data that require protection.

The course provides examples of personal data and management information, as well as business information and trade secrets. Employees will explore critical concepts in intellectual property and will learn best practices for protecting confidential information. Learners will engage with entertaining animations, video and real-world scenarios to get the knowledge they need.

Protecting confidential information is everyone’s responsibility. In-depth training increases the likelihood that employees will recognize this important information and take the right steps at the right time to protect it.

 

COURSE OBJECTIVE

  • Examples of personal, management and business information and trade secrets
  • The difference between public and confidential information
  • Guidance on seeking help and reporting improper disclosures
  • Ownership of intellectual property
  • A discussion of trade secrets
  • Best practices for protecting personal, management and business information and trade secrets
  • Guidelines for preventing and handling theft and loss
  • Handling and storage best practices
  • When to raise concerns or seek help
  • Assurance the organization will investigate reports and take action as necessary
  • A restatement of non-retaliation policy
  • The value of each employee in preserving the organization’s reputation and maintaining an ethical workplace

 

WHO SHOULD ATTEND

  • Compliance, Data Protection Team, Human Resources, Internal Audit, Finance

 

DURATION

  • 2 Days

 

TRAINING METHODOLOGY WILL BASEDON THE FOLLOWING

  • Highly Interactive Session, with a bilateral approach to the subject matter allowing participants to share incidences at respective work locations.
  • Mind Mapping and Group Activities
  • Case Studies on various reported Cases
  • Energisers

 

COURSE CONTENT

A. COMPLIANCE & STRATEGY

  • Organizational Compliance Framework (An overview)
    • Legal
      • Contracts Act 1950
      • Case Laws (Malaysian & International)
      • Evidence Act 1950
      • Personal Data Protection Act 2010
      • Competition Act 2010
      • IP Laws
    • Standards
    • Best Practices

 

  • To Manage
    • People
      • Internal
      • External
    • Property
      • Tangible
      • Intangible

 

B. TYPES OF CONFIDENTIAL INFORMATION / DATA

  • Personal data
    • What is Personal Data and its express and implied definition
    • Forms of Personal Data: As long as it identifies a data subject
    • Email – Whether it can be classified as personal data depends on the circumstances of the case.
    • IP address – Whether it can be classified as personal data depends on the manner in which it is disclosed.
    • Employer and Employee relationship. Data collated as pre-employment checks; Data volunteered just prior to employment; Data obtained during the course of employment.

 

  • Commercial Transaction
    • Any transaction of a commercial nature, whether contractual or not.
    • What are the areas of commercial activity that falls under the purview of Commercial > Transaction.
    • Contracts

 

  • Sensitive personal data 
    • Definition and categories
    • Circumstances and conditions under which it can be processed or disseminated within the ambits of Personal Data Protection Act 2010

 

  • Processing – What constitutes Processing
    • Collecting
    • Recording
    • Holding
    • Storing
    • Organizing
    • Publishing on the Internet
    • Making available

Breakout Room Group Activity & Mind Mapping- Group discussion and presentation

 

  • Principles of Data Protection

For data to be processed lawfully in Malaysia, a data user shall comply with the following principles, namely

    • General Principle
    • Notice and Choice Principle
    • Disclosure Principle
    • Security Principle
    • Retention Principle
    • Data Integrity Principle
    • Access Principle

    A detailed explanation coupled with examples and case studies of each principle will be shared with participants. The exception to the General Principle will also be discussed.

 

  • Trade Secret
    • Classification
    • Categories
    • Method of Collection
    • Method of Storage
    • Method of Disclosure
    • Method of Protection via Policy, SOP and Contracts

 

  • Intellectual Property
    • Methods of Protection
    • Copyright
    • Trademark
    • Patent
    • Implications of IP Breach
    • Administrative Body

 

  • Business / Corporate Information
    • Informationrelating to: –
      • business
      • financial
      • procedures
      • techniques
      • methods
      • concepts
      • ideas
      • affairs
      • products
      • processes
      • services
      • source code
      • distribution
      • marketing
      • selling
      • research & development

The importance of the above data / information shall be discussed in detail during class.

 

C. CONTROL METHDOLOGY

  • Maintaining Confidentiality Through Effective Contract Management
    • Basics of Non-Disclosure Agreements (NDA) /Non-Disclosure Clause (NDC)
    • The impact of non-compliance to NDA / NDC

 

  • Why, When, and With Whom Do We Need NDA?
    • NDA Context
    • NDA Format

 

  • Standard Provisions
    • Samples of Contracts

 

  • Definition of Confidential Information
    • CI Definition
    • What’s Included in CI
    • What’s Excluded from CI
    • Scope of CI
    • Exceptions to Confidentiality

 

  • Risk Management – To Prevent Theft or Loss of Confidential Information
    • Critical Business Process Identification
    • Gap Analysis & Identification
    • Risk Description
    • Severity Rating (Impact & Likelihood Analysis)
    • Gap Closure
    • Managing Residual Risk

 

  • Investigations – To Identify Theft or Loss of Confidential Information
    • Method of investigation of confidential information loss, destruction, infringement
    • Collation of evidence
    • Investigation reporting

 

  • Internal Audit
    • Method of conducting effective risk based auditing
    • Audit Report
    • Process Improvisation

 

  • Consequence Management Plan For Breach of Confidentiality
    • Misconduct
    • Due Inquiry
    • Show Cause
    • Disciplinary action.

 

HOW TO ENQUIRY FROM US?

  1. Fill in the form below and submit to us.
  2. Initiate a conversation via live chat on the bottom left of our website by stating: “Hi, my name is [your-name], Ive already submitted the form for this training.”
  3. Well promptly reach out to you regarding the training youre interested in.
MAINTAINING CONFIDENTIAL INFORMATION

ENQUIRY form

    ORGANIZATION DETAILS






    PERSON-IN-CHARGE DETAILS




    FOR FURTHER INFORMATION, PLEASE CONTACT US!