Making sure your NDA protects company information

This article was originally published on ITProPortal.

What are the essential things to know when creating a company’s NDA?

Non-Disclosure Agreements, more commonly known as NDAs, often seem to be simple and straightforward. However, there are a few key elements that will mitigate risk and ensure the protection of a company.

Mutual vs. One-Way

In general, there are two kinds of NDAs: mutual and one-way. In a mutual NDA, both parties are sharing confidential information and agreeing to keep all information secret. One-way agreements place the duty on just one of the parties to maintain confidentiality.

One-way NDAs are commonly used when outsiders are invited into an organization on a temporary basis. For example, a consultant hired for a finite project may sign a one-way NDA to protect the client’s proprietary information, both during and after the engagement. This ensures that, as the consultant goes on to work with other companies in the future, he or she is bound not to disclose that proprietary information to future clients.

Mutual NDAs are useful when both parties are likely to divulge sensitive information. Merger and acquisition discussions, for example, almost always require mutual NDAs. Such discussions involve a rigorous discovery process whereby the two organizations divulge extensive financial data and intellectual property. Safeguarding this information via a mutual NDA is in both parties’ mutual best interest.

Mutual NDAs are increasingly common as they protect both parties equally by having each side confirm the same level of responsibilities. However, it’s always best to thoroughly review a contract to ensure a clear understanding of the NDA’s terms.

Confidential Information Inclusions

The most important part of an NDA is the definition of what constitutes “confidential information” in the context of the NDA. This element sets the stage for the rest of the contract by creating a level of trust between both sides so they feel comfortable discussing proprietary or sensitive information.

When dealing with trade secrets, NDAs are especially critical. Trade secrets lose all protection when they are revealed, so NDAs are a straightforward and effective way to ensure they are protected. In a worst-case scenario, a good NDA provides recourse if the other party misuses information or discloses trade secrets protected in the NDA. The World Intellectual Property Organization has more information on trade secrets.

The definition of confidential information should encompass everything that needs to be protected within a business—this is the information that gives an organization its competitive edge, and would be potentially damaging in the hands of competitors. Depending on the industry, this can be anything from technical product specifications to sales processes to customer lists. The parameters of what should be shared as well as the subject matter should also be included in this definition while taking care not to disclose any of the confidential information, as the NDA itself may not be a protected document.

While the definition of confidential information needs to include all of the essential parameters of protection, it shouldn’t be so broad that the other party isn’t able to follow it, or worse yet, is not enforceable in court. Narrowing the scope of the definition to require the information to be specifically marked as confidential, limiting confidential information to only that which is disclosed in writing, or specifying the dates of disclosure are some methods used to clarify precisely what confidentiality means for both parties.

Then there are also the exceptions to confidential information. Typically, these are pre-established by law and include any information created or discovered by the receiving party before entering into or independent of any involvement with the party disclosing the confidential information.

Confidential Information Responsibilities

Once the confidential information is determined and clearly defined, a critical clause in the agreement is what the people receiving the information can do with it. Here are some considerations when reviewing confidentiality clauses:

  • Is the receiving party not only learning about, but also using the confidential information? This may be considered a license.
  • Is the confidential information being shared with anyone other than the recipient of the NDA? This may be considered an exclusivity clause that precludes one party from speaking with anyone else, which can impact bargaining power further down the road.
  • Is there any language that negates a confidential relationship? This may not be an NDA but a contract that causes one side to lose the confidentiality of any information provided.

NDA Duration

If the parameters of the agreement are well-defined, the next thing to consider is the duration of the agreement. An NDA’s protection should last long enough to protect the confidential information provided – this duration varies depending on the organization. This could be a matter of months or years, and depends on the information that’s being protected. Typical NDAs in the United States last anywhere from two to five years. NDAs that allow one side to disclose information in a matter of months can raise red flags.

Templates and Security

A simple way to maintain version control and ensure consistency with NDAs is through the use of templates. Working from a template library within a cloud-based contract lifecycle management platform ensures that any changes that need to be made to an NDA will be automatically updated to ensure everyone who creates a new NDA is using the most recent version. In addition, having a cloud-based platform enhances the security of all NDAs and ensures only required parties have access to these sensitive documents.

NDAs should always be created carefully and reviewed thoroughly. Taking the right steps to ensure that both parties are protected down the line is important to prevent negative consequences in the future.