Procedure For Management Of Confidentiality Of Data And Information


To enforce strict regime of confidentiality of data and information during the operation of inspection system


This covers ASPL Inspection Scheme operated in accordance with ISO/IEC 17020:2012


3.1 Director- He is responsible for defining the responsibilities and obligation of the ASPL and the clients

3.2 In charge IS- As MR will ensure implementation of the this procedure


4.1 ASPL-IS/HRAA is responsible to keep all information obtained or created during the performance of inspection activities confidential.

4.2 ASPL-IS/HRAA has this and arrangements to safeguard the confidentiality of the information obtained or created during the performance of inspection activities at all levels of its structure, including committees and external bodies, or individuals acting on its behalf.

4.3 ASPL-IS/HRAA ensures that all inspection personnel, subcontractors and committee members give signed “confidentiality statement” to maintain confidentiality in inspection activities and data and information they are involved in (See ASPL-IS/HRAA-P4.1-01F01-F03).

4.4 ASPL-IS/HRAA informs the client, in advance, of the information it intends to place in the public domain except for information that the client makes publicly available, or when agreed between IS and the client (e.g. for the purpose of responding to complaints), all other information is considered proprietary information and is regarded as confidential.

4.5 When IS/HRAA is required by law or authorized by contractual commitments to release confidential information, the client or individual concerned is, unless prohibited by law, notified of the information provided.

4.6 Information about the client obtained from sources other than the client (e.g. complainant, regulators) is treated as confidential.

4.7 When confidential information is made available to other bodies such as accreditation body and agreement group of a peer assessment scheme, ASPL-IS/HRAA shall inform its client of this action, in advance.

4.8. ASPL-IS/HRAA ensures that all those involved in the inspection process (See4.3) to maintain the strict confidentiality, and to protect the information which are related to the business of its clients and are available within ASPL Inspection Services. Confidentiality statement is undertaken from all those concerned


ASPL-IS/HRAA -P6.2-04 Procedure for protecting the integrity and security of data
ASPL-IS/HRAA -P4.1-01.F01 Impartiality and confidentiality statement from Inspection Personnel
ASPL-IS/HRAA -P4.1-01.F02 Impartiality and confidentiality statement from members of Committees
ASPL-IS/HRAA -P4.1-01.F03 Impartiality and confidentiality statement from contracted personnel