By Travis Townsend
One of the biggest fears of many business owners and managers is exposure of their company’s business plans and key secrets. Lots of businesses derive their value from the special things they know and do, the special ways in which they do them, and the special people for which they do them. But all business operations require interaction with outside parties whether it is with customers, vendors or contractors. These interactions can sometimes present situations where sharing confidential information is unavoidable. Then what? How do you get the appropriate people involved with your business without risking the loss of your valuable confidential information?
The first step in protecting your company from mass dissemination and misappropriation of confidential information is to limit disclosure to those instances when doing so is absolutely necessary and to those individuals to whom disclosure is absolutely necessary to further your objectives. Just because you’re considering hiring a vendor to help develop your marketing strategy it doesn’t mean that every single employee of the vendor needs to know your secret processes for doing business or who your target clients are. Make sure disclosure is made on a “need to know” basis. The smaller the number of individuals receiving the confidential information the more control you have in protecting it.
The next step is to require all parties who will be receiving the information enter into a tight non-disclosure agreement. Ensure that the NDA expressly defines “confidential information” and that the definition is comprehensive. Key items that must be covered in the definition of “confidential information” include: all company proprietary information, intellectual property, customer lists, business processes, trade secrets, and anything else the company wants to expressly prohibit from being disclosed. After thoroughly defining the information to be kept confidential, the NDA should expressly state the duty to keep the information confidential. The duty to keep confidential should state directly that the receiving party must not disclose confidential information to third-parties. It should also disallow the use of the information for the receiving party’s own benefit.
A good NDA should also contain clear policies and procedures that must be implemented to protect the information. Some examples of useful procedures include the prohibition of making duplicates, return delivery of materials once reviewed or upon completion of the relationship, or even destruction of the materials upon completion of the relationship. Consistent with my previous statement that the number of people receiving the information should be limited, it is good to provide language in the NDA that only permits the receiving party to disclose information to employees, partners, agents or officers on a “need-to-know” basis.
Don’t let fear of disclosing confidential business information prevent you from doing business. At the same time, take steps to protect your valuables.