Staff and Subcontractor Requirements
Any information that a QMS Certs employee, subcontractor, or committee member obtains or may obtain in an audit or other certification activity or otherwise in a business relationship with an organization is considered strictly confidential. The requirement to maintain the confidentiality of all information not disclosed to third parties (unless specified in ISO / IEC 17021-1: 2015) without the express permission of the organization or person concerned is a legal requirement for auditing or inspection of the QMS Certs. This also applies to organizations with privileges. Where the Act requires the QMS Certs to disclose confidential information to third parties, the interested client or individual must give advance notice of the provision of the information, unless otherwise regulated by law. Risks to Employees, Customers, or the Environment, QMS Certs reserves the right to immediately report such incidents to the appropriate authorities. Such reports are provided only with the permission of the supervisor.
Access to Records
All records are maintained and retained for secure access only to authorized personnel, whether on paper or via password-controlled electronic records. Subcontractors have limited access to the information they provide during the audit. Records may only be used by organizations that can prove their legal rights to view these records, especially certification bodies.
Confidentiality Declarations
All employees, subcontractors, directors, and committee members must agree to QMS Cert’s Privacy Policy and sign a confidentiality agreement. The subcontractor will also sign a contract with the responsibility for confidentiality.