Access control decides who can enter a room. Confidentiality decides whether what is said inside it stays inside. They are different problems, and strong access control can sit alongside a serious confidentiality gap without anyone noticing.
Access control governs entry. Cards, locks, biometrics and visitor logs decide who may walk through the door and when. That is valuable, but it speaks to physical presence, not to whether a conversation held inside the room can be overheard, recorded or transmitted elsewhere.
A device left behind after legitimate access, a modification made during construction or maintenance, an unmanaged piece of audio visual equipment, or signals that pass through walls and cabling can all carry information out of a room that no unauthorised person ever entered. The lock on the door does nothing about any of these.
Confidentiality is a combination of the technical, the physical and the human. It means the room has been examined for the means of compromise, that the way it was built and is maintained has been considered, and that the behaviour and access of the people around it are understood. Access control is one input among several, not the whole answer.
Start by examining the room rather than assuming it. A technical surveillance countermeasures inspection establishes whether a compromise exists, and reading it alongside behavioural intelligence explains how one might occur, so that the room can be trusted for the discussions that matter.
The questions every board should ask about confidentiality are a practical way to test whether your most sensitive rooms are genuinely private. To discuss a specific space, begin a confidential conversation.