Confidential information refers to items that should be kept private. This can include documents, images, or audio materials. Conversations are also commonly subject to privacy, especially in client-professional relationships. If information is not public then it generally has an owner, which can be an individual or an organization. In most cases, only the owner is permitted to share or authorize the sharing of private items.
Confidential information is often generated in client-professional relationships. There are many instances in which a person seeks the assistance or services of a professional and divulges or learns things she may not want others to know. For example, a person may visit a physician and reveal that she has certain symptoms. The physician may, in turn, diagnose her with a disease. Both the information that the patient revealed and the conclusions reached are subject to confidentiality.
Other professional relationships commonly bound by such standards are those between a client and her lawyer, financial institution, or religious leader. Sharing confidential information is often a professional violation and a legal violation. There are a wide range of consequences that can result, including the payment of financial damages and disbarment from professional organizations.
Generally, confidential information is considered to be owned by the party who would be most disadvantaged by its dissemination. For example, in an attorney-client relationship, information regarding a case is usually owned by the client although an attorney may keep files that contain records. This is because the client is most likely to be harmed in the event an unauthorized third party gained access to those records.
The owner of confidential information is usually the only party who has the authority to authorize sharing it. This usually requires some type of signed release statement, which will generally specify what can be shared and with whom. Those who maintain information belonging to others must be careful when fulfilling such requests because sharing more information than specified, even if it is with an authorized party, can result in a violation.
In some instances, an organization may maintain files subject to privacy regulations. Such organizations are often composed of numerous employees and affiliates who may have access to systems that contain those files. It is often considered a violation, and may be a basis for action, when an individual unnecessarily accesses a file despite the fact that he has the ability to do so and does not share the information that he discovers. This type of strict confidentiality enforcement is often found in government agencies.