
1. Implement proper access control
- Classify information into different security groups based on their risk exposure and degree of sensitivity. Review this classification regularly.
- Approve access rights on the basis of a practical application of the need-to-know, need-to-do and need-to-use principles, i.e. only those staff with a genuine need to use classified information in the course of their duties are permitted access to it.
- Restrict access to information stored on computers by using passwords, and change these passwords regularly.
- Set up an audit trail system for computer systems to identify people who have gained access to information, in order to facilitate future investigations and the monitoring of access control.
