Data, clients, and documents
How to avoid leaking personal data, trade secrets, and client information.
The employee checks recipient, attachment, access rights, and data minimisation before sending.
Threat
A data leak can start with one wrong recipient, public link, or shared file.
What to know
- Not all data is equal. Personal data, financial data, contracts, access lists, and incident information require extra care.
- A sharing link set to "anyone with the link" can become a public data leak.
- Attachments may contain metadata, comments, version history, or hidden sheets.
- Less data means less harm if a mistake still happens.
Actions
- Before sending, check the recipient, attachment, and whether the data is actually needed.
- Share files only with specific people or groups, not publicly.
- Remove unnecessary data and comments before sending a document outside the company.
- If you sent something incorrectly, report immediately so access can be revoked and risk assessed.
Manager note
The course should clearly state what data classes exist in the company and where mistakes must be reported.