The Open Group Standards Process

Home

Definitions &
Glossary of Terms

The Open Group Governing Board
Standards Approvals Process

Forum
Operations

Developing and
Adopting Standards

Certification
Programs

Confidentiality

Standards
Adoption Criteria

Patent
Policy

Confidentiality

Introduction
Scope
Confidential Material from The Open Group
Confidential Material from an Open Group Member
Confidential Material from a Third Party
Miscellaneous Provisions

1 Introduction

This section describes the procedures to be followed when handling confidential material within The Open Group and within member companies when working with The Open Group.

2 Scope

Three sources of information are considered :

The Open Group
Open Group Member
Third Party

All Open Group membership agreements include provisions which define the general obligations of The Open Group and Members of The Open Group in respect of confidential information.

Individual non-disclosure agreements may apply to third party information.

These guidelines describe some of the practical steps to be taken to identify and protect confidential information, but they are always subject to the provisions of the relevant agreement.

3 Confidential Material from The Open Group

From time to time, confidential material may be originated by The Open Group for distribution to those people within member companies working on Open Group business.

When originated, The Open Group must:

Clearly indicate on a cover sheet that the material is Open Group Confidential, so that the recipient has the opportunity not to open the document.
- The cover sheet must include sufficient information to allow the recipient to make that judgment.
- The cover sheet must also state clearly whether the recipient is permitted to make copies of the document (within the overall provisions of the confidentiality obligations in the relevant membership agreement).
If possible, ensure that each page of the document is clearly marked with the designation Open Group Confidential.
Distribute the material only by a secure means of delivery (see below).

In turn, the recipient must:

Use the material only for the purpose for which it was originally intended.
Restrict disclosure of the material to those of its staff working directly on Open Group related activities.
Apply at least as strict rules to prevent unauthorized disclosure as would be applied to the members own confidential material.

4 Confidential Material from an Open Group Member

The procedures for handling confidential material from an Open Group Member are similar to those described above, with the exception that the cover sheet should be inscribed xxx Confidential - for Open Group use only and that each page should be inscribed xxx Confidential.

When distributing such material, The Open Group must treat it in the same way as its own confidential material, and recipients must treat the material as if it were Open Group Confidential.

5 Confidential Material from a Third Party

When The Open Group obtains confidential information from a third party, typically under the control of a non-disclosure agreement, the material should subsequently be treated as Open Group Confidential with the following additional procedures:

Whenever the material is distributed, it must include a cover sheet which states explicitly that the material is Open Group Confidential, the name of the company who originated the material and reference to any non-disclosure agreement that is in place and any special terms which may inhibit the freedom of Open Group members to receive the material.
Recipients must treat the material as Open Group Confidential on the basis of the cover sheet. It cannot always be guaranteed that every page will be marked as confidential.

6 Miscellaneous Provisions

6.1 Distribution of Materials

Confidential material must be distributed using secure methods of distribution.

The following methods are for the purposes of these procedures assumed to be secure:

Normal mail service
Courier services
FAX to a localized FAX machine
Electronic mail using links wholly under the control of The Open Group or its' members, or using public packet switched networks (such as the Internet) which do not store the complete message at any intermediate site which is not under the control of The Open Group or its' members.
The use of a WWW site, providing that the authentication and authorization services in use are sufficient to reasonably restrict access to confidential materials to those entitled to gain access.

The following methods are for the purposes of these procedures assumed to be insecure:

FAX to a machine shared with people not entitled to receive the information being transmitted.
Electronic mail services which operate using a Store and Forward mechanism, where the complete message is stored in non-encrypted form at any intermediate site(s) which is/are not wholly under the control of The Open Group or its' members.
Any WWW site without appropriate authentications and authorization services to reasonably restrict access.

6.2 Verbal Presentations

Any material presented verbally either formally or informally is assumed to be non confidential unless the presenter states in advance that the material is confidential and offers anyone who does not wish to receive the material the opportunity to leave the meeting for the duration of the presentation.

Last updated: June 19 2006