Protection and Handling of Proprietary Information
BACKGROUND
GovC through its subsidiaries, conducts extensive business with the US Government (USG), foreign governments, and commercial organizations. A result of that business is the generation of a multitude of information. That information can be defined as general public information, proprietary information, trade secrets, and sensitive information (to included classified, and unclassified). That information can cause GovC great harm through damage done to its reputation, violation of regulations, and through economic harm through the loss of business. The damage done by not protecting information can be to itself, its Customers, Business Partners, and employees. As such all Information needs to be handled appropriately, and GovC employees need to understand the importance of the handling of information.
PURPOSE
To protect GovC, its partners, customers, and employees, the purpose of this policy is to establish guidelines for the handling of:
- Proprietary Information
- Restricted Information, and
- Trade Secrets
SCOPE
This policy is applicable to all GovC employees and subsidiary employees.
POLICY
It is the responsibility of each GovC employee to adhere to the requirements for protecting GovC restricted and proprietary information. Employees are encouraged to seek advice from management, or general counsel regarding an questions related to the protection of GovC or customer information.
Failure of employees to adequately protect Cobham or customer information could lead to disciplinary action or termination.
BASIC REQUIREMENTS
Agreements
All Cobham employees must execute the Confidentiality, Inventions and Non-Solicitation Agreement.
Each Business Partner or Commercial Customer must execute a Non-Disclosure Agreement.
Proprietary Information
It is defined as any information not readily available to the public.
Proprietary Information can contain trade secrets, business strategy, costing information to include direct and indirect costs. All Cobham employees are personally responsible to protect the company interest, and not disclose to unauthorized individuals or organizations any company proprietary information.
All written communication that contains proprietary information should include the following:
- “This communication contains information that is proprietary. This information can not be communicated to other parties without the express written consent by Cobham.”
Restricted information (classified or unclassified) should follow the guidelines below.
Classified Information
Classified information is sensitive information to which access is restricted by law or regulation. A formal security clearance is required to handle classified documents or data. US Government regulations must be adhered to in all handling of classified information. Classified documents are only allowed in facilities, that are approved and have the proper physical security for such information.
All GovC employees as an approved custodian or user of classified information are personally responsible for the protection and control of this information. This information must be safeguarded at all times to prevent loss or compromise and unauthorized disclosure, dissemination, or duplication. All GovC employees shall consult their Security Officer or supervisor on the specific rules of handling classified information.
When GovC employees with clearances terminate employment, they must sign another Non-Disclosure Agreement, and be reminded of the “lifetime commitment” to protect that information.
Unauthorized disclosure of classified materials will lead to termination of an employee, and is punishable under Federal Criminal Statues.
Unclassified Information
While unclassified (sensitive) information does not fall under the strict Federal guidelines for the handling or dissemination, the standard of need to know still applies.
All GovC employees should handle or disseminate this information only as it is required within their job duties, and only on a “need to know” basis.
Restricted information may only be taken offsite with express consent.
Destruction of Proprietary or Restricted Information
Proprietary Information and Restricted Information should not be stored on an employees personal computer, external hard drives, flash drives, cameras, or any device not specifically approved for the handling of information.
The destruction of Proprietary or Restricted information may only be done so in approved and designated containers or devices.