Confidentiality Policy
The purpose of this Confidentiality Policy is to outline the measures and procedures implemented by QSI Nexus Testing and Calibration Labs to ensure the confidentiality of information in accordance with ISO 17025:2017 requirements.
This policy applies to all employees, contractors, and third parties who have access to confidential information within QSI Nexus Testing and Calibration Labs.
Access to confidential information shall be restricted to authorized personnel only. Measures shall be implemented to ensure that access to confidential information is granted on a need-to-know basis and is appropriately controlled and monitored
Access Control
Confidential information shall be protected against unauthorized access, disclosure, alteration, or destruction through the implementation of appropriate physical, technical, and organizational security measures.
Non-Disclosure Agreements
Data Protection
Confidential information shall be protected against unauthorized access, disclosure, alteration, or destruction through the implementation of appropriate physical, technical, and organizational security measures.
Employees, contractors, and third parties shall receive training on the importance of confidentiality, their responsibilities regarding confidential information, and the procedures for safeguarding confidential information.
Training and Awareness
Compliance
All employees, contractors, and third parties are required to comply with this Confidentiality Policy and related procedures. Non-compliance may result in disciplinary action, termination of contracts, or legal action as appropriate.
This Confidentiality Policy shall be reviewed regularly to ensure its effectiveness and compliance with ISO 17025:2017 requirements. Any necessary revisions shall be made in a timely manner.
Review and Revision
Communication
This Confidentiality Policy shall be communicated to all employees, contractors, and third parties who have access to confidential information within QSI Nexus Testing and Calibration Labs.
Responsibilities
It is the responsibility of all employees, contractors, and third parties to:
Maintain the confidentiality of all information obtained during the course of their duties.
Protect confidential information from unauthorized access, disclosure, alteration, or destruction.
Use confidential information solely for authorized purposes and in accordance with established procedures.
Report any breaches of confidentiality or suspected security incidents to management immediately.
Responsible, through legally enforceable commitments for the management of all information obtained or created during the performance of laboratory activities.
Laboratory is required by law or authorized by contractual agreement to release confidential information, the customer or individual concerned will, unless prohibited by law, be notified of the information provided.
Information about customer obtained from sources other than customers(e.g. complainant, regulators) will be confidential between the customer and the laboratory and providers information will not be shared with customer.
Confidential Information
Confidential information includes, but is not limited to:
Test results
Customer information
Calibration procedures
Internal Documents & Procedures
Intellectual property