Purpose
The purpose of this policy is to establish guidelines for the secure transfer of information within AppCan Ltd and with external parties.
Scope
This policy applies to all employees, contractors, and third parties who handle information on behalf of AppCan Ltd.
Policy
- Secure Transfer: All information transfers must be conducted in a secure manner that preserves the confidentiality, integrity, and availability of the information.
- Encryption: Sensitive information must be encrypted during transmission. The encryption method used should meet or exceed the company’s minimum security standards.
- Physical Transfers: Physical transfers of information must be conducted in a secure manner. This includes the use of secure couriers for the transfer of sensitive documents.
- Email: Sensitive information must not be sent via email unless it is encrypted or sent via a secure email service.
- Third Parties: Information transfers to third parties must be governed by a signed agreement that specifies the responsibilities of each party in handling the information.
- Compliance: All information transfers must comply with applicable laws, regulations, and standards.
- Incident Reporting: Any suspected or actual breaches of this policy must be reported to the Information Security Manager immediately.
Enforcement
Failure to comply with this policy may result in disciplinary action, up to and including termination of employment.
