You may only be an IT Technician and not in the CIA, but you are going to have to learn how to keep a secret. You will know things before other people know them, and you will know things that other employees should never know. Hospitals have HIPAA regulations for privacy, schools have FERPA, and other employers have their own regulations that you must follow. However, in addition to these regulations you need to have your own unofficial personal privacy code as an IT Technician. My code is called, “keep your mouth shut.”
It is an unofficial code but it needs to be just as binding as your company’s code of conduct. You will be supporting users from mail room personnel to the CIO of your company. Either of them could have private company information up on their screens or lying on their desks that is not meant for the public, nor other employees to see. Whether you see what is in the document or not shouldn’t matter, because you are trusted by that individual to keep your personal code of privacy.
In most cases you will not know if the information is highly private or something that will be read to the entire company in the next staff meeting. It is not your place to find out, and it is not even your place to inform the individual you have seen something potentially private and ask them if that is something that can be spread around or needs to be kept a secret. Your client (the computer user/employee) should have near complete confidentiality in what he or she is doing. The one time you should break confidentiality is if the individual you are helping is doing something illegal or intentionally harmful to the company. In this case you should tell your immediate supervisor or act according to your company’s employee manual.
As the IT person, you will often intentionally be given classified information before it is released. The most common example of this will be employee firings/dismissals. It is common that companies will want employee accounts disabled immediately upon letting an employee go, which requires informing the IT person ahead of time. As with everything else this needs to “stay in the vault.” It is no business of yours to inform other employees, your significant other, or other IT staff (except possibly your manager) what you know.
One more item you need to be aware of – most IT personnel are given administrative privileges to all company files, folders, servers, accounts, databases, passwords, etc. Take this seriously. The company you work for must be able to trust you with every last bit (byte) of its data or you are a liability to them. Even if you see a file named “current performance review for (insert your name here)”, you should not open it. The fact that you are able to access every piece of data in the company is the main reason you should not be accessing it. Your employer needs to trust you.