Protect Business Secrets

Tekes – the Finnish Funding Agency for Innovation- has announced that a security breach was detected in the online application system. What makes this announcement alarming is that Tekes is the most important publicly funded organisation for financing research and innovation in Finland. Therefore, Tekes receives substantial amount of sensitive and confidential business information from their customers.

Although it has been announced that no sensitive information has been used or disseminated so far, it is of essence to remind the importance of protection of confidential business information when processed within a company or disclosed to co-operation partners.

Misuse, loss or unauthorised access to confidential business information may significantly harm the business. Therefore it is advisable to adopt proper preventive measures before such confidential information is disclosed to any co-operation partner.

1.Review internal information handling policies

It is advisable to implement rules and procedures regarding handling of confidential business information. All employees should be aware of what kind of information is regarded as confidential in the company and what are the procedures to protect such information from loss, misuse or unauthorised access. Information security procedures should be reviewed on regular basis to secure maximum information protection level.

2. Non-disclosure agreements

Prior to disclose sensitive business information to the co-operation partner, whether it is a private company or public authority, it is advised that risk analysis is carried out evaluating whether the partner is able to provide a proper security level when confidential business information is disclosed.

Further to this, when considering submitting sensitive information to any co-operation party a case specific non-disclosure agreement should be signed. Such agreement usually contains rules regarding handling of sensitive information, obligations to secure that disclosed information remains confidential as well as effective penalty clause in case of violation of non-disclosure agreement.

It should be noticed that the Information Society Code (917/2014, FI:Tietoyhteiskuntakaari ) effective as of 1.1.2015 among other aims to ensure the confidentiality of electronic communication.

For further information please do not hesitate to contact us.