Rule 7 – Confidentiality

A member shall not disclose to another party any confidential information obtained through a professional assignment performed for a client or employer unless expressly or implicitly authorized to do so by the client or employer, or required to do so under Rule 13, or required to do so by the Professional Conduct Board, an Investigation Team, a Disciplinary Tribunal or an Appeal Tribunal regarding any disciplinary matter arising under Section 5 of the Bylaws, or required to do so by law.

Keeping sensitive information safe

There are many good reasons that information is confidential. Rule 7 expects members to protect sensitive information and use it only for the intended purposes of providing professional services. It should not be misused, treated carelessly or shared apart from in exceptional circumstances.

Why Rule 7 is important

Protects sensitive information

Users and the public are assured that sensitive information will not be misused, treated carelessly or shared without permission unless there are exceptional circumstances.

Ensures compliance with laws and regulations
Complying with privacy laws and regulations ensure information is used only for its intended purposes and protects personal information, proprietary data, trade secrets, and strategic plans.

Safeguards against wrongdoing

Keeping sensitive data secure prevents bias or undue influence, and reduces incidents of insider trading, fraud, or competitive harm.

Builds trust

Professional relationships are strengthened when clients, employers, and the public know that sensitive information will not be disclosed improperly.

Upholds the profession’s reputation
Reducing the risks of legal liability for unauthorized disclosure, data breaches and other harms protects the reputation of the entire profession.

Provides a basis for enforcement

Provides CIA with a mechanism to enforce required conduct if members fail in their duty to protect sensitive information.

What Rule 7 means for members

In the frame we see a laptop open and hands pointing out to the screen.

You have a professional and legal obligation
You must ensure that client data and financial strategies remain held in a secured environment, keeping information confidential except when legally required to disclose it.

Know which information is confidential
Any information obtained through your professional work that is not publicly available is confidential, unless you have explicit authorization  to disclose it, disclosure is required by law or a regulator, or it is shared in a properly aggregated, anonymized, and approved form.

Know when you can disclose information
Information can be disclosed in circumstances where disclosure is required by law, or is permitted by law, and can be justified in the public interest. Information that is in the public domain is not considered confidential.