What are the Confidentiality Clauses in POSH Policies

Share & spread the love

Confidentiality is one of the most important safeguards under the law relating to prevention of sexual harassment at the workplace. A complaint of sexual harassment generally contains sensitive personal information, allegations affecting professional reputation and details that may expose the parties to retaliation or public scrutiny. For this reason, every properly drafted POSH policy must contain a clear confidentiality clause governing complaints, conciliation, inquiries, recommendations and action taken by the employer.

Meaning of Confidentiality under a POSH Policy

Confidentiality under a POSH policy means that information connected with a sexual harassment complaint must be accessed, used and disclosed only for legitimate purposes connected with the complaint and its resolution.

LawBhoomi
Add LawBhoomi as your preferred source on Google.
Add Now →

It does not merely require members of the Internal Committee to remain silent. The obligation extends to the employer, human resources personnel, witnesses, parties, administrative staff and every person who gains access to information relating to the proceedings.

A confidentiality clause ordinarily seeks to protect:

  • The identity and personal details of the aggrieved woman
  • The identity and personal details of the respondent
  • The identity and statements of witnesses
  • The contents of the complaint and supporting documents
  • Information relating to conciliation proceedings
  • Notices, replies and evidence submitted during the inquiry
  • Discussions and deliberations of the Internal Committee
  • Recommendations contained in the inquiry report
  • Action taken by the employer
  • Electronic records, meeting notes and correspondence connected with the matter

The purpose of confidentiality is not to conceal wrongdoing or prevent lawful reporting. Its purpose is to preserve privacy, protect the integrity of the proceedings and prevent unnecessary disclosure to persons who have no role in deciding or implementing the matter.

Legal Basis of Confidentiality under the POSH Act

The principal statutory provision dealing with confidentiality is Section 16 of the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013. It restricts the publication, communication and disclosure of specified information relating to a complaint and inquiry.

Information Protected under Section 16

Section 16 gives confidentiality protection to several categories of information arising from proceedings before the Internal Committee or Local Committee.

It prohibits the publication, communication or disclosure to the public, press or media of:

  • The contents of the complaint made under Section 9 of the Act
  • The identity and address of the aggrieved woman
  • The identity and address of the respondent
  • The identity and address of witnesses
  • Information relating to conciliation proceedings
  • Information relating to inquiry proceedings
  • Recommendations made by the Internal Committee or Local Committee
  • Action taken by the employer or District Officer

The provision therefore covers the entire complaint process, beginning with the filing of the complaint and continuing through inquiry, recommendations and implementation of the final action. Its protection is not limited to the identity of the complainant alone.

Limited Disclosure of Justice Secured

Section 16 contains a limited exception permitting the dissemination of information regarding the justice secured by an aggrieved woman.

However, even where such information is shared, the name, address, identity or any other particulars capable of identifying the aggrieved woman and witnesses must not be disclosed. This permits organisations to communicate the effectiveness of their grievance mechanism without exposing the individuals involved.

For example, an organisation may disclose in an annual report that complaints were received, inquiries were completed and disciplinary action was taken. It should not disclose facts that allow colleagues or members of the public to identify the parties.

Persons Bound by a Confidentiality Clause

A POSH confidentiality clause should clearly identify the persons who are expected to preserve confidentiality. Restricting the obligation only to Internal Committee members may leave significant gaps.

The clause should apply to every individual who receives information because of an official, procedural or administrative role.

Internal Committee Members

Internal Committee members have access to complaints, replies, evidence, witness statements, meeting records and deliberations. They carry the most direct responsibility for maintaining confidentiality.

Committee members should not discuss a matter outside formally convened meetings except where communication is necessary for conducting the inquiry. Personal devices, informal messaging groups and unsecured email accounts should not be used for circulating case records.

Complainant and Respondent

The complainant and respondent may be directed not to circulate inquiry records, witness statements, committee communications or confidential personal information obtained during the proceedings.

However, such restrictions must be drafted carefully. The parties cannot be completely prevented from discussing the matter with a legal adviser, support person, medical professional, counsellor or lawful authority where such communication is necessary.

Witnesses

Witnesses may receive notices, attend hearings or become aware of allegations through their participation in the inquiry. They should be informed that statements, documents and discussions connected with the proceedings must not be shared with colleagues or posted publicly.

At the same time, a confidentiality clause should not be used to prevent a witness from reporting retaliation, seeking legal assistance or complying with a lawful direction issued by a court or government authority.

Employer and Human Resources Personnel

Senior management and human resources teams do not automatically require access to every detail of an inquiry.

Information should be disclosed internally on a need-to-know basis. A manager responsible for implementing an interim transfer may only require information regarding the transfer. The disciplinary authority may require the findings and recommendations but may not require unrestricted access to every private communication.

Administrative and Technical Personnel

Secretarial staff, information technology teams, translators, interpreters, external experts and persons responsible for record management may also handle sensitive information.

The confidentiality clause should extend to such persons and require secure handling, limited access and deletion or return of records once their role has been completed.

What are the Essential Elements of a Confidentiality Clause?

An effective confidentiality clause must be specific enough to guide conduct. A vague statement that “all proceedings shall remain confidential” may not adequately explain the scope of the obligation or the circumstances in which disclosure is permitted.

A well-drafted clause should contain the following elements.

Definition of Confidential Information

The policy should define confidential information broadly but clearly. The definition may include complaints, identities, addresses, evidence, correspondence, conciliation discussions, inquiry proceedings, committee recommendations and employer action.

It should also cover information in oral, written, electronic, audio, visual or any other form.

Need-to-Know Access

The clause should state that information will be shared only with persons whose involvement is reasonably necessary for receiving, investigating, deciding or implementing the complaint.

Need-to-know access prevents unnecessary circulation while allowing the process to function. It is generally more practical and legally balanced than an absolute prohibition on all communication.

Permitted Disclosures

The clause should expressly recognise legitimate disclosures. These may include communication:

  • With the Internal Committee or Local Committee
  • With a legal adviser or authorised representative
  • With a medical professional, counsellor or support person
  • To the police or another competent authority
  • To a court, tribunal or statutory authority
  • For obtaining emergency assistance
  • For reporting retaliation, intimidation or interference
  • Where disclosure is required by law or judicial order

Such exceptions prevent the confidentiality clause from operating as a gag order.

Secure Record-Keeping

The policy should explain how confidential records will be stored. Physical records should remain in locked storage, while digital records should be password-protected and accessible only to authorised persons.

Case files should not form part of ordinary personnel records accessible to multiple departments. Email subject lines, shared folders and document names should also avoid unnecessarily identifying the parties.

Duration of the Obligation

Confidentiality should continue during the complaint, conciliation, inquiry, implementation and appeal stages. Certain obligations, particularly those relating to identity and personal information, should continue even after the matter has been closed.

The policy may clarify that resignation, transfer, retirement or completion of committee tenure does not end the duty to protect confidential information.

Consequences of Breach

A confidentiality clause should state that unauthorised disclosure may lead to disciplinary action, penalties under the applicable service rules or other action recognised by law.

The consequences should apply consistently to committee members, parties, witnesses and employees, subject to the nature of their employment or institutional relationship.

Penalty for Breach of Confidentiality

Section 17 of the POSH Act deals with the consequences of violating the confidentiality requirement contained in Section 16.

Where a person entrusted with the duty to handle or deal with the complaint, inquiry, recommendations or action taken breaches confidentiality, that person may be subjected to the penalty prescribed under the applicable service rules.

Where no service rules exist, the prescribed framework permits the employer to impose a monetary penalty. The applicable rules provide for recovery of a sum of ₹5,000 for breach of the confidentiality obligation.

The employer should not impose punishment mechanically. The circumstances of the disclosure, the person responsible, the nature of the information revealed, the harm caused and whether the disclosure was intentional should be examined before action is taken.

Confidentiality Is Not Absolute Secrecy

One of the most important distinctions in POSH compliance is the difference between lawful confidentiality and absolute secrecy.

Confidentiality regulates how sensitive information is handled. Secrecy attempts to prevent every form of communication, including communication necessary for legal advice, protection, medical assistance or access to justice.

Right to Obtain Legal Advice

A policy should not prohibit the complainant or respondent from consulting a lawyer. Legal advice may be necessary to understand the procedure, prepare documents, respond to allegations or pursue an appeal.

The adviser receiving the information may also be expected to maintain professional confidentiality, but the organisation cannot ordinarily insist that a party face the process without advice.

Right to Approach the Police or Other Authorities

The POSH process does not replace criminal law. Certain conduct may constitute an offence and may be reported to the police.

A confidentiality clause cannot lawfully prevent the aggrieved woman from filing a criminal complaint, approaching a statutory authority or seeking protection. The employer also has duties under the POSH Act to provide assistance where the aggrieved woman chooses to initiate criminal proceedings.

Right to Challenge the Proceedings

The complainant or respondent may challenge an order, inquiry report, disciplinary action or procedural irregularity before a court, tribunal or appellate authority.

Documents may need to be produced for this purpose. Statutory confidentiality does not mean that relevant material can never be considered in legal or disciplinary proceedings conducted according to law.

Judicial interpretation has recognised that Section 16 principally prevents material from being placed in the public domain and does not make POSH records unusable wherever the law requires their consideration.

Right to Procedural Fairness

Confidentiality cannot justify withholding the substance of the allegations or relevant evidence from the respondent. A fair inquiry requires adequate notice and a reasonable opportunity to respond.

Similarly, confidentiality should not prevent the complainant from knowing the progress of the complaint, participating in the inquiry or receiving information required to exercise statutory rights.

A recent Kerala High Court decision also emphasised that statutory confidentiality does not automatically bar the supply of relevant documents to an employee facing disciplinary proceedings. This reflects the need to balance confidentiality with natural justice.

Problems with Overbroad Confidentiality Clauses

Organisations sometimes draft clauses that go beyond the protective purpose of Section 16. Such clauses may create fear, discourage complaints or interfere with legal rights.

Commonly problematic clauses include provisions that:

  • Prohibit the complainant from speaking to any person under any circumstances
  • Treat every discussion of workplace harassment as misconduct
  • Prevent communication with lawyers, doctors or family members
  • Prohibit complaints to the police or statutory authorities
  • Permit senior management unrestricted access to case records
  • Require only the complainant to maintain confidentiality
  • Threaten automatic termination for any alleged disclosure
  • Prevent parties from challenging the inquiry or employer action
  • Continue indefinitely without defining protected information
  • Restrict disclosure of systemic concerns even where individuals are not identifiable

Such provisions may convert confidentiality from a privacy safeguard into a tool of institutional control.

Difference between Confidentiality and Non-Disclosure Agreements

A statutory confidentiality clause in a POSH policy is different from a private non-disclosure agreement.

A POSH confidentiality clause is based on legal obligations intended to protect the complaint process and the persons involved. A non-disclosure agreement is a contractual arrangement that may seek to protect business information, settlement terms or organisational reputation.

An employer should not require an aggrieved woman to sign an agreement that prevents lawful reporting of sexual harassment, participation in legal proceedings or communication with competent authorities. A private contract cannot override statutory rights or obstruct the administration of justice.

Where settlement terms contain confidentiality obligations, they should be narrowly drafted. They should not prevent reporting of subsequent misconduct, cooperation with an investigation or disclosure required by law.

Confidentiality during Conciliation

The POSH Act permits conciliation before the commencement of an inquiry where the aggrieved woman requests it. Monetary settlement cannot form the basis of conciliation.

Discussions held during conciliation may include admissions, proposed remedial measures, apologies, transfers or other sensitive matters. The confidentiality clause should therefore cover:

  • The request for conciliation
  • Communications exchanged during the process
  • Proposed settlement terms
  • Statements made for resolving the complaint
  • The final settlement, subject to lawful disclosure requirements

However, confidentiality should not conceal non-compliance with the settlement. Where the agreed terms are breached, the aggrieved woman may seek revival of the complaint or other lawful remedies.

Confidentiality in Virtual and Remote Inquiries

Remote work and virtual hearings create additional confidentiality risks. Documents may be forwarded instantly, meetings may be recorded and participants may attend from shared spaces.

A POSH policy should therefore provide that:

  • Virtual hearings must be attended from a private location
  • Unauthorised recording is prohibited
  • Meeting links must not be forwarded
  • Participants must verify that no unauthorised person is present
  • Documents must be shared through secure channels
  • Screenshots and photographs of proceedings are prohibited
  • Electronic records must be stored in access-controlled folders
  • Devices containing case records must be appropriately secured

These measures should support, rather than obstruct, participation. A party should not be disadvantaged merely because remote attendance is required.

Reporting POSH Data without Breaching Confidentiality

Employers are required to maintain records and report information concerning complaints. Organisational transparency can be achieved without exposing individual identities.

Reports may ordinarily state:

  • The number of complaints received
  • The number of complaints resolved
  • The number of complaints pending
  • The broad nature of action taken
  • Awareness programmes conducted
  • Training provided to Internal Committee members
  • Time taken to complete inquiries

Names, departments, job titles or factual details should be removed where their inclusion could reveal the identity of the parties.

Even anonymised information should be reviewed carefully in small workplaces, where limited facts may be sufficient to identify the persons involved.

Best Practices for Employers

Confidentiality requires more than a clause in a written policy. It must be supported by institutional systems and consistent conduct.

Employers should adopt the following practices:

  • Train Internal Committee members on statutory confidentiality and data handling
  • Limit case information to authorised persons
  • Use separate and secure storage for POSH records
  • Avoid discussing complaints in ordinary management meetings
  • Obtain confidentiality acknowledgements from persons participating in proceedings
  • Redact personal information before using case studies for training
  • Establish a protocol for responding to media or employee enquiries
  • Investigate suspected leaks promptly
  • Protect persons reporting a confidentiality breach from retaliation
  • Periodically review record access and retention practices
  • Ensure that policy language does not prevent lawful reporting or legal advice
  • Communicate findings and action only to persons legally entitled to receive them

Model Approach to a POSH Confidentiality Clause

A balanced confidentiality clause may state that all complaints, identities, evidence, conciliation discussions, inquiry records, recommendations and actions taken will be treated as confidential and disclosed only on a need-to-know basis.

It should further state that no person shall publish or communicate protected information to the public, press, media or unauthorised persons. The clause should preserve disclosures made for legal advice, medical or counselling support, reporting to lawful authorities, compliance with judicial directions and exercise of statutory remedies.

It should also clarify that parties must not intimidate witnesses, circulate inquiry documents or misuse confidential information. Records should remain securely stored, and proven unauthorised disclosure may attract action under service rules, employment policies and applicable law.

Conclusion

Confidentiality clauses are central to a fair and effective POSH policy. They protect privacy, preserve evidence, encourage participation and reduce the risk of retaliation or reputational harm. Their legal foundation lies primarily in Sections 16 and 17 of the POSH Act.

However, confidentiality must not become absolute secrecy. A lawful clause must allow access to legal advice, medical support, statutory authorities, courts and remedies provided by law. It must also respect natural justice by ensuring that both parties receive the information necessary to participate meaningfully in the inquiry.

The strongest POSH policies therefore combine strict control over unnecessary disclosure with carefully defined exceptions. Such policies protect individuals without shielding institutions from accountability and maintain confidentiality without restricting access to justice.


Attention all law students and lawyers!

Are you tired of missing out on internship, job opportunities and law notes?

Well, fear no more! With 2+ lakhs students already on board, you don't want to be left behind. Be a part of the biggest legal community around!

Join our WhatsApp Groups (Click Here) and Telegram Channel (Click Here) and get instant notifications.

Aishwarya Agrawal
Aishwarya Agrawal

Aishwarya is a gold medalist from Hidayatullah National Law University (2015-2020). She has worked at prestigious organisations, including Shardul Amarchand Mangaldas and the Office of Kapil Sibal.

Articles: 6046

Leave a Reply

Your email address will not be published. Required fields are marked *

WhatsApp Channel Popup Banner