Monday, January 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Ethics

Coffee-Shop Talk…Making Confidential Information Public

by Marcy J. Maslov
September 3, 2014
in Ethics
Coffee-Shop Talk…Making Confidential Information Public

You overheard a teammate divulging confidential information about a client to a friend at the coffee shop. This information is potentially damaging to the client. What would you do in this situation, and what is your obligation to the client?  -e-Factor!® scenario

I was delivering a continuing professional education workshop on ethics recently and this scenario came up for discussion.  It generated a heated debate between those who felt they had absolutely zero responsibility in this case and those who believed the client had a right to know that confidential information had possibly been made public.

Protecting confidential and proprietary information is a big deal for most companies. Many people are unaware this common situation creates ethical dilemmas and potential conflicts. People fail to connect coffee shop talk with confidentiality requirements. So let’s explore this scenario in more detail to determine the potential ethical issues, solutions and consequences.

First, what makes this situation an ethical dilemma?  Is it that confidential information is being revealed?  Or is it because this is happening in a public place?  Maybe, however, the true dilemma is that we’ve overheard something and now we have knowledge of something we feel is not right. We may think it’s not our place, we don’t have authority or it’s not our business because the teammate doesn’t work for us directly.  At a very high level, though, could we say each of us has an obligation to protect the organization and clients we work for?  Our immediate answer to this may depend on our experience level and position with the company.  We don’t all think the same, and we don’t have the same interpretation of what is confidential. We may need to start our analysis by clearly defining what we consider to be confidential and making sure everyone in our organization understands this definition.

Let’s peel away another layer of the dilemma and look at stakeholders.  The biggest stakeholder is the client whose information is being made public.  Yes, I said “being made public.”  In the accounting world, the American Institute Code of Professional Conduct specifically identifies actions like this, posting on social media and even answering questions from trade association surveys as actions that could be construed as being made public.  Especially if the information provided has enough detail that we could reasonably tie it back to a specific organization. Once information is made public, it is no longer protected by the rules of confidentiality. Have you ever tried recalling a post on social media?

The other stakeholders here are the talking teammate and us. The teammate who is talking clearly is violating obligations to protect client confidentiality. But why are we stakeholders in this? We’re just overhearing something being said! We’re not directly involved, are we?  Well, our organization is also a stakeholder, one that may be held responsible for damage to the client if it is significant and can be reasonably proven. Ah, so now we see why our role as “witness” may have some responsibility attached to it…

It’s true that people talk.  It’s also true we may have policies and procedures that prohibit this sort of situation from occurring – on paper.  However, if we don’t enforce this policy consistently it may also be true that we’re at risk. So what choices do we have in terms of taking action in this specific situation? How can we prove we’re enforcing our confidentiality policies?  And what are the consequences of each option?

For starters, we can ignore it, pretending we heard nothing. This is the safest and easiest way for us.  However, if a problem occurs as a result of this coffee shop talk, doing nothing is just as bad as doing the talking!  We had a chance to prevent further damage, and we didn’t take it because we didn’t want to be involved…!

We can talk to the teammate privately right in the moment and suggest they stop talking about clients in public places.  There’s a way to do this politely and professionally and yes, nicely. They truly may not know their conversation could cause trouble, and we’re giving them an opportunity to choose their actions and be accountable. For me, how a person responds here shows whether or not they are trustworthy, but it’s also a matter of how we communicate – accusatory wording will bring out a defensive attitude no matter how noble our intentions are, right?

We can always report this to the organization’s compliance officer or the teammate’s direct supervisor.  This is a more serious step requiring proof and details, not just gossip. It documents the incident and is protection for us and for the company.  It shows that we are enforcing our policy, so if this is our biggest concern, we’ve answered it. It could also damage our relationship with the teammate and affect our perceived credibility.

And finally, we can talk to the client directly and let them know what happened. This is an extreme option, possibly destroying trust between client and our organization and leading up to a loss of the client, lawsuits or other consequences. Does the client have a right to know? This is the question needing an answer to justify this action.

These are just a few choices we have coming off the top of my head.  I’m sure you can think of more.  So what action should we take now?  We all have to choose… What’s your decision?


Previous Post

Convercent Appoints Three Senior Executives, Strengthening Management Team of Fast-Growth GRC Leader

Next Post

What’s Holding Back the Internal Audit Transformation? Internal Audit’s Technology Performance Gap

Marcy J. Maslov

After watching companies and clients struggle with ethical dilemmas, Marcy J. Maslov invented e-Factor!®, a business ethics board game designed to provide a practice arena for solving real-life ethical dilemmas before they cost time, money or reputation. Marcy is founder and CEO of Empowerment Unlimited Coaching, LLC, a business coaching practice devoted to building strong, ethical leaders and entrepreneurs. She has extensive Fortune 500 and entrepreneurial background including implementation of Sarbanes-Oxley programs, creation of corporate ethics courses, forensic accounting and public speaking on business ethics. Marcy has lived or worked in over 20 countries, including France, Mexico and Canada. She is a Certified Professional Coactive Coach, has earned a BS in Accountancy (U of IL Champaign-Urbana) and MBA (Duke University ‘92). Contact Marcy at marcy@e-Factorgame.com or www.e-Factorgame.com.

Related Posts

Trump supporters on the steps of the Capitol

Trump, the Coup, and Corporate Ethics

January 11, 2021
Book Review: Grappling With The Gray

Book Review: Grappling With The Gray

December 18, 2020
edison bulb

The 7 Principles of Ethical Leadership

December 14, 2020
model blue VW van upside down in a puddle

Critical Lessons from the Volkswagen Scandal

September 11, 2020
Next Post
What’s Holding Back the Internal Audit Transformation? Internal Audit’s Technology Performance Gap

What's Holding Back the Internal Audit Transformation? Internal Audit's Technology Performance Gap

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights