HOME | Client’s Confidentiality Management
Client’s Confidentiality Management
This covers all categories of clients who have signed contract for audit and certification with NIPL. To inspire trust in the certification body, NIPL has established legally enforceable agreements with individuals, committees and external bodies (if any) and individuals working on its behalf, which binds them to maintain confidentiality of the information obtained or created during the performance of audit and certification activities.
Client related all information excepting those that has been made publicly accessible by the client, are treated as confidential. NIPL has informed its clients in advance about the type of their information, that the CB intends to place in public domain. Confidential information required to be made available to interested parties (e.g. Legal or regulatory authorities) under ISO 17021-1:2015 standard, are disclosed on the basis of Certification contract signed by the client.
Confidential information of client required to be disclosed to Govt. authorities as per their written request, is disclosed to them, and the client is informed about the information shared with legal authorities, unless prohibited by law. Confidential information of clients other than those described above, are not disclosed to any one without getting written consent / permission from the client. Information about the client received from sources other than the client (e.g. complainant, regulators) are treated as confidential. Record of Such information and of subsequent action if any, is retained in the clients audit file.
NIPL has made its Personnel, including any committee members, contractors, personnel of external bodies or individuals acting on the certification body’s behalf, legally bound to keep confidential all information obtained or created during the performance of the certification body’s activities. NIPL takes prior permission from its clients as per its audit & certification contract signed by the Client, regarding possible sharing of their Confidential information contained in audit reports/ file, with certification related regulatory bodies, if any.