Security Encyclopedia


Confidentiality is the principle and practice of keeping sensitive information private unless the owner or custodian of the data gives explicit consent for it to be shared with another party. Confidentiality may also refer to the request to honor the principle and practice.

To ensure confidentiality, owners and custodians of sensitive data implement policies governing the kinds of information that warrant protection. Based on those policies, they define processes for the settings, devices, and persons involved in handling and storing data. These include educating and training employees and those they serve; investing in and maintaining the facilities, hardware, and software where data resides and travels; keeping records of sensitive data's movements; and carrying out data loss prevention (DLP) planning and mitigation.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is one of the best-known regulations pertaining to the confidentiality of patient data, chiefly governing how healthcare providers and insurers handle and transmit such data.


"In order to preserve the confidentiality of patient data, we ask that you sign this form which permits us to share the results of your recent diagnostic tests. We're sharing it for a limited time with the lab that analyzes your tests, so they can help us determine next steps."