All employees of Oratium are required to maintain the confidentiality of business and participant records and data entrusted to them, except when disclosure is authorized by an appropriate officer of the company or required by law. Participant data and information may only be used for Oratium purposes. In accordance with federal and state law and Oratium policy, confidential records should never be disclosed without appropriate authorization, and should be maintained and secured according to the following principles:
Confidential information is to be accessed, used, and disclosed only with explicit authorization and only on a need-to-know basis for the purpose of a job function of Oratium.
Confidential information regarding any individual or entity acquired during the course of employment at, or providing services to, Oratium must never be divulged to anyone outside of Oratium without authorization or to anyone within Oratium except on a need to know basis.
If in doubt about whether a record is confidential, the user should treat as confidential any Oratium record which is not already within the public domain, until directed otherwise.