Template:Confi term: Difference between revisions

From The Jolly Contrarian
Jump to navigation Jump to search
Created page with "So must your confi have a {{confiprov|term}}? Some insist on a hard stop, say two years, after which {{confi|confidential information}} ''ceases'' to be confidential. Inhous..."
 
No edit summary
Line 1: Line 1:
So must your confi have a {{confiprov|term}}? Some insist on a hard stop, say two years, after which {{confi|confidential information}} ''ceases'' to be confidential. [[Inhouse lawyer|Inhouse lawyers]] may profess themselves to be immutably bound to have such a term by internal [[policy]]. While the commercial value of much information ''does'' go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for [[indeterminate liability]] — well, [[no harm no foul]]: if the information really is stale then no loss follows from a breach, right? No loss, no damages.
So must your confi have a {{confiprov|term}}? Some insist on a hard stop, say two years, after which {{confiprov|confidential information}} ''ceases'' to be confidential. [[Inhouse lawyer|Inhouse lawyers]] may profess themselves to be immutably bound to have such a term by internal [[policy]]. While the commercial value of much information ''does'' go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for [[indeterminate liability]] — well, [[no harm no foul]]: if the information really is stale then no loss follows from a breach, right? No loss, no damages.

Revision as of 17:05, 13 May 2019

So must your confi have a term? Some insist on a hard stop, say two years, after which confidential information ceases to be confidential. Inhouse lawyers may profess themselves to be immutably bound to have such a term by internal policy. While the commercial value of much information does go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for indeterminate liability — well, no harm no foul: if the information really is stale then no loss follows from a breach, right? No loss, no damages.