Any information of client acquired/created by MQAS, during information gathering,
audit or during certification process or otherwise shall be kept confidential
and shall not be divulged to any third party. To this effect:
The above shall be applicable to all MQAS personnel and any outside
organization to which MQAS may employ for a particular work to be carried
out. The outside organization shall include any organization or individual
acting on behalf of MQAS.
All personnel of MQAS shall execute a Non Disclosure Agreement with
Any outside organization working on behalf of MQAS shall execute NDA
with MQAS for confidentiality for MQAS and the client, for which the
outside organization has been engaged.
MQAS or the outside organization working on behalf of MQAS shall abide
by security requirements of the clients.
MQAS shall ensure the safe handling and storage of confidential
MQAS shall not disclose any information to third party about client or
individual without obtaining prior written permission. In case the
information is required legally by a third party, the client or
individual shall , unless regulated by law, be notified in advance.
Information received from other sources (Regulator, complaints) about
the client, shall also be treated as confidential and shall be dealt
with as per policy.
In case any hard copies of client records are collected for the purpose
of audit, they will be kept in lock and key. They will be returned when
there is no further need at the earliest.
In case soft copies of client records are collected, they will be stored
in PCs that are secured by user id and password. They will be removed
when there is no further need at the earliest.