Skip to content

Client Confidentiality

Clients open their facilities to ITAC on the understanding that what we see and hear stays with the team. Production rates, utility costs, equipment lists, financial figures, and the layout of the plant itself are competitive information, and a leak, even an accidental one, can damage the client and end the program's access to industry partners.

What Is Confidential

Treat all client information as confidential by default, including:

  • Facility layout, equipment inventory, and process descriptions.

  • Production data, throughput figures, and operating schedules.

  • Utility costs, rate structures, and bill data.

  • Financial information of any kind, including project budgets and payback figures.

  • The identity of the client itself, when not already public.

If you are not sure whether a piece of information is confidential, assume it is and ask before sharing.

Sharing Restrictions

Do not share client details outside the ITAC team. This includes:

  • Other students at the university who are not on the ITAC roster.

  • Friends, family, and classmates, even in casual conversation.

  • Social media of any kind. No photos of the floor, no "guess where I was today" posts, no tagged locations.

  • Vendors, consultants, or other industry contacts unless explicitly authorized by the Center Director.

Internally, share client information only with team members who need it for their work.

AI Tools and Client Data

Generative AI tools are useful, but most of them retain or train on the inputs you send. Pasting client information into a consumer chatbot is a confidentiality breach in the same way that posting it on social media is — the data leaves our control and we cannot get it back.

Client data may only be entered into AI tools that the Center Director has specifically sanctioned and that have written data guarantees in place (no training on inputs, appropriate retention controls, and a contractual basis for use). The current list of approved tools is maintained by the Center Director; if a tool is not on that list, assume it is not approved.

This restriction covers anything tied to a specific client: facility names, addresses, utility bills, equipment lists, photos taken onsite, measured data, draft report text, and notes from a visit. When in doubt, scrub identifying details or ask before using the tool.

You must also complete the Claude Academy trainings (see Required Trainings) before using generative AI tools in any ITAC work.

Non-Disclosure Agreements

Some facilities will require you to sign a non-disclosure agreement (NDA) before granting access. Read the NDA before you sign it, ask questions if anything is unclear, and follow its terms exactly. NDA obligations typically extend beyond the end of your time at ITAC, and they are legally binding regardless of your student status.

If a host presents an NDA on the day of the visit and you are uncomfortable with its terms, do not sign it. Discuss options with the center director.

Consequences

Violations of client confidentiality may result in termination from the program. The Center cannot continue to operate if industry partners cannot trust us with their information, and a single incident can affect every student in the program for years.

If you realize after the fact that you have shared something you should not have, report it to the Center Director immediately. Self-reported mistakes are handled very differently from concealed ones.