Use of Information
We must protect company information, whether it belongs to ATC, our customers or business partners.
It is important to know the information you work with, including its sensitivity, and understand how it should be used and shared. You are the first line of defense in protecting our information.
Commit to this:
- Seek assistance if you are unsure if information is sensitive.
- Keep sensitive information in a safe place, away from eyes that are not intended to see it.
- Apply sensitivity labels to all information assets, aligned with the sensitivity of the content.
- Do not use ATC confidential or proprietary information in non-ATC managed AI solutions.
- Never share confidential or nonpublic information unless you have permission to do so.
- Follow the company's record retention guidelines when deciding whether to keep or discard enterprise information.
It's Up to Us
Tabs
Click on each topic below to learn more about how we can protect confidential information.
We routinely come across sensitive information. Some examples include:
- Critical Infrastructure Protection (CIP) information and Critical Energy Infrastructure Information (CEII)
- Nonpublic transmission function information governed by the Federal Energy Regulatory Commission (FERC) Standards of Conduct
- Private employee information, including Personally Identifiable Information (PII) and medical information
- Financial information, business development activities, intellectual property or proprietary business practices
Seek assistance if you are unsure if information is sensitive.
We need to safeguard sensitive information under our control:
- We keep sensitive information in a safe place, away from eyes that are not intended to see it.
- We don't leave hard copies of sensitive information behind or where someone else could access the information.
- We encrypt or protect electronic copies of information by following cybersecurity guidelines.
- We don't discuss sensitive information in public places or anywhere we might be overheard.
- We follow the company’s records retention guidelines when deciding whether to keep or discard enterprise information.
We are careful when we share sensitive information and share only on a need-to-know basis.
- We never share confidential or nonpublic information unless we have a business purpose to do so and a nondisclosure agreement in place.
- We share information only with those who have proper authorization and who know the information is sensitive.