TARRY HOUSE, INC.
|
Subject: Proprietary Information |
Procedure Number:
B.P. 11 |
|
|
Site: All
Sites |
|
|
|
Issued By: Executive
Director |
Effective: |
|
|
Approved By: The
Board of Trustees |
Revised: |
|
|
Reference Policy:
M.L.10; M.L. 02 |
Reviewed: |
|
|
Standards
Reference: |
CARF: Section 1 C ODMH: 5122-30-22 |
|
I.
POLICY
All employees, Board members and volunteers are expected to be aware of the importance of the Agency’s security policies and programs, particularly those aimed at safeguarding proprietary and confidential information, policies, programs, written procedures, forms and proposals created by Tarry House Board members, employees, or volunteers. Each individual’s actions determine whether Tarry House is able to uphold its integrity, protects its proprietary and confidential information, and meet the highest possible security standards.
Employees are expected to follow all security policies and
programs aimed at safeguarding proprietary information. Employees are prohibited from using or
disclosing proprietary/confidential information for the purposes other than
conducting authorized Tarry House business during or after the employee’s employment
at Tarry House. All employees are
expected to follow this policy and to report any infractions to their
supervisors or to the Executive Director.
Proprietary information includes Agency activities, marketing
information, financial information, expansion plans, program information, the
records of those served, census and accounting data, among others.
Confidential information includes personal information about
Agency employees that could lead to expensive invasion of privacy lawsuits if
released. Trade secrets include
programs, methods, techniques, processes, policies, procedures and forms that
provide us with an advantage over
our competitors. The unauthorized
copying or dissemination of confidential information is grounds for dismissal.
II.
Procedure
The
following guidelines are offered to help guard proprietary/confidential
information:
·
Confidential information must be labeled in a
consistent manner.
·
Access to confidential information is restricted
to those with a “need to know.”
·
All information released to the public must be
cleared by the Executive Director.
The following list summarizes
information that is considered proprietary:
·
Research and development information, especially
plans for new programs
·
Market analysis data
·
Cost, accounting and financial information
·
Agency operating policies and procedures
·
Flowcharts
·
Forms
·
Fundraising plans
·
Plans regarding mergers and acquisitions,
expansions or diversification
·
Budget forecasts
·
Bid information
·
Methods for keeping costs down
·
Memoranda concerning impending layoffs, legal
actions, and disciplinary procedures
·
Employee benefit information
To ensure security, employees must
examine carefully all the ways that sensitive information is stored or
discarded. They must pay particular
attention to marketing, payroll and accounting information.
Utilizing the best practices for
business records retention schedule, files no longer needed for auditing or
legal purposes containing financial reports, lists of persons served and their families,
outdated checks, purchase orders, and personnel information should be shredded.
Early drafts or reports or other agency
documents should also be shredded.
Only designated employees are
allowed to make copies of Agency records.
These individuals are also responsible for ensuring that all not needed
copies containing preparatory or confidential information are properly
destroyed.
Visitors are required to sign in
and out of Agency premises. The
employees on duty, while honoring privacy for visitors and the person they are
visiting, need to be aware of where the visitors are at all times. Employees are not allowed to have visitors,
except on emergency basis. All employees
are asked to report unauthorized visitors to their immediate supervisor. Visitors are not allowed to carry cameras
without special permission. Employees
cannot provide information to any unidentified individual about those
served. Information can only be shared
about those served to persons who are authorized to receive such information
via the proper release form.
All confidential information must
be labeled “Confidential” and documents so labeled must be consecutively
numbered. When in use, documents must
not be removed from the Agency’s premises.
When not in use, such documents must be kept in a secure, file, paper,
disc, or hard drive.
Only approved personnel have access
to confidential areas of the Agency.
Such areas must be kept locked, and access is limited to those employees
who are authorized personnel.
Unauthorized personnel found in confidential areas are subject to
disciplinary action. Access to secure
areas and document rooms is restricted to authorized individuals.
The Executive Director or his/her
designee has the right to inspect the personal effects, including briefcases,
of any employee leaving agency premises.
________________________________________ _____________________
Executive
Director Date