Like any organization a church often has a range of confidential information that it would prefer not to have shared publicly or with other churches and businesses. Financial matters, employee and volunteer information, and business arrangements are typical examples of things a church may want to keep private. The types of information that a church may wish to protect, and the strategies appropriate for protecting it, will vary depending on who is to be bound by confidentiality.
Confidentiality is a fiduciary duty of directors and officers
Just like the directors and officers of for-profit corporations, the directors and officers of a church owe their organization a duty of loyalty. Among the obligations that come with the duty of loyalty is an obligation to maintain the confidentiality of church business information. This is true even if they have not signed contracts that bind them to well-defined obligations with regard to the church’s sensitive information.
Why is confidentiality a matter of loyalty? Directors and officers tend to have access to the most sensitive information about a church’s affairs. In addition to financial matters, they also contend with sensitive topics like lawsuits, employment issues, insurance claims, and donor conflicts. Unintentional disclosures of information around topics like these can damage a church’s reputation, hurt its ability to raise funds, and even expose it to litigation.
Employees and volunteers can and often should be asked to sign confidentiality agreements
If not all employees, at least employees who will handle confidential information should be asked to formally agree to keep such information secret. Absent a formal agreement, an employee may not know that sensitive information shouldn’t be shared. In the event an employee makes an unauthorized disclosure an agreement can protect the church.
The same can be true of volunteers. In the case of volunteers, some discretion is probably in order. A church doesn’t want to frighten away volunteers who will only do some housecleaning by asking them to sign a document full of legalistic terms. But a volunteer can easily be placed in a position with access to confidential information, like the church’s member or donor contact lists, or financial information.
A church must bear in mind that some kinds of information are legally required to be kept confidential. That includes sensitive employment information, such as the results of criminal background checks, as well as employee health records. It’s important that any employees who handle protected information understand that it cannot be disclosed except to people who need to know and have a legal right to access it.
Confidentiality agreements needn’t be complicated or threatening
A confidentiality agreement has several objectives. It ensures that the person signing it understands what kind of information the church cares about keeping confidential. It defines how long confidences must be kept. And it lets the person know what sort of penalties could come from making an unauthorized disclosure.
The range of penalties for a breached confidentiality agreement can be tailored to an individual’s position. They might include an obligation to return or destroy any church information still in the person’s possession. They could also include the option to terminate an employee for cause or end a volunteer relationship, prevent the person from accessing confidential information in the future, or even provide for the person to compensate the church for any damages it suffers as a consequence of the disclosure. Each church must decide for itself how aggressive it wants its contracts to be.
The Church Law Center of California can help
The Church Law Center of California works with churches to ensure they are well managed and protected. If you have questions about how your church can take steps to protect its confidential information, our attorneys may be able to help. Call us at (949) 689-0437 or reach out to us through our contact page.