Organizations with sensitive information must keep it protected at all times. Some information even has to be protected from unauthorized employees, just to mitigate the risks of it falling into the wrong hands. Such was the case with the Vatican and Pope Benedict XVI, who had a substantial amount of personal data stolen from Paolo Gabrielle, his long-time former butler.

According to a report from the Associated Press, Gabrielle has confessed to leaking copies of the Pope’s personal documents – many of which were scheduled for destruction – to members of the media. The contents of the documents varied, and some, according to testimony from police officer Stafano De Santis, were incredibly personal.

“Some documents concerned the total privacy and private life of the Holy Father,” De Santis testified on Wednesday.

This incident is not exclusive to an individual and his or her assistant or confidante. In most organizations there are documents that some employees should not have access to. For example, personal employee records should be protected and only viewed by a small handful of people.

That isn’t to say businesses need to be on the lookout for malicious activity. In many cases, a disorganized office can cause employees to find themselves in improper possession of information and, even if they don’t plan to act on it, the simple fact that they have seen it could be a violation of regulations and result in serious consequences.

When this information is stored digitally, it is easier to secure. Records can be stored in private folders, only to be accessed by password-protected applications. Physical copies are more difficult, unless a company partners with a professional records management provider. These professionals can store sensitive information off-site so that it is safe from the wrong hands.