What is Confidentiality?

Understanding Confidentiality

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Confidentiality ensures that sensitive information is accessed only by authorized individuals and protected from disclosure to unauthorized parties. It involves protecting data in storage, during processing, and in transit. Confidentiality is one of the three principles in the CIA triad and is required by numerous regulations including GDPR, HIPAA, and frameworks like ISO 27001 and NIST CSF. Organizations implement confidentiality through encryption, access controls, data classification, secure communications, and security awareness training. For example, a law firm might implement encryption, strict access controls, and confidentiality agreements to protect client information from unauthorized disclosure. Related terms: Privacy, Data protection, Encryption, Access control, Information classification, Non-disclosure agreement, Need-to-know.