A technology company's lifeblood depends on the secrecy of its intellectual property. Most companies safeguard sensitive trade secrets with confidentiality agreements -- but many of these agreements aren't as comprehensive as they need to be. Confidentiality is more than a contract, according to experts on employer agreements. It's a process that starts with the creation of a confidentiality programme -- a programme that should touch hiring and employee retention strategies as well as the way the company handles confidential documents. A confidentiality programme should also include a regular review of confidentiality agreements. To help members put a solid confidentiality programme in place, TechRepublic offers two sample confidentiality policies for download -- one from the Project Management Institute and another from Sean Gallagher, attorney with the Washington, DC-based firm of Hogan & Hartson. A starting pointThese policies provide a good starting point from which to examine an existing confidentiality agreement or institute a new one. However, experts advise using template forms with caution. Blindly following a template is not without its dangers. "The biggest pitfall I see," said Gallagher from his office in Denver, "is using an old boilerplate contract or agreement you get from somebody else." A lawyer or someone intimately familiar with intellectual property should review any policy to make certain that it fits a company's specific situation. When reviewing the contract, here are some issues to take into consideration:
- Specificity about who owns the intellectual property.
- A description of which intellectual property is considered confidential -- the more specific the description, the more enforceable the agreement.
- A description of what happens to the agreement at the end of the employee relationship -- corporations want it to remain in force.
- A provision for successorship in the event that a company sells its assets to another company.
- An outline of specific remedies, such as the ability to obtain an injunction or pursue litigation for damages in the case of a breached contract.
As part of the confidentiality programme, chief information officers should direct managers to stress confidentiality in the hiring process. There's always a danger that a new employee will bring trade secrets with them from their previous employer, which could potentially undermine the integrity of the new employer's intellectual property. Asking potential hires if they understood the confidentiality agreements they previously signed can alert employers to potential issues. On the flip side, any time an employee leaves a company, the employer runs the risk that sensitive information could be leaked to the competition, so strong employee retention programmes go hand in hand with creating a culture where confidentiality is respected. Create a procedure for handling documents
How a company treats its own confidential information goes a long way in creating a climate that supports or undermines confidentiality. For instance, if sensitive network security plans and diagrams are carelessly left in copy machines or printers, how secure can the information be? To keep employees accountable, chief information officers might even want to go as far as to number the copies of confidential documents and then assign a number to each line manager. "If a copy shows up on a copy machine, you can identify who owns number 16 and track it back to the source of whom it is that is disregarding the confidentiality policy," explained William Scarborough, general counsel at the Project Management Institute. In dealing with electronic documents, managers might also consider making them read-only PDF files. Without the ability to copy, paste, or save information in documents, it makes it harder to distribute and leak information. All of these ideas can go a long way toward making sure that classified information stays in the right hands and out of the wrong ones. But it takes a thoughtful leadership to execute them. "A confidentiality policy can't be a policy that's just stuck up on a wall," said Scarborough. "You have to live it." TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to email to fire walls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.
For all job and work-related news, or to search for a job and get information on training, go to ZDNet Jobs. If you have something to say about work and employment issues say it here at the Jobs Forum. Let the editors know what you think in the Mailroom.
