Answer:
Most businesses have information (their “secret sauce,” so to speak) which is critical to their business and provides them a competitive edge in the marketplace. It is essential for businesses to take steps to protect that confidential information.
Here are 10 suggestions to protect your Company’s confidential information:
1) Limit access to confidential information to those who have a need to know it to perform their jobs;
2) Keep hard copies of confidential information under lock and key and password protect electronic documents and e-folders that contain your confidential information;
3) Require all employees to lock their computers whenever leaving their desks and to change their login passwords periodically;
4) Use “Confidential” headers on documents that contain confidential information (such as monthly sales or commission reports, customer lists, prospect lists, etc.);
5) Require all employees to sign a non-disclosure agreement (NDA) as a condition of employment or continued employment;
6) Include a strong confidentiality policy in your employee handbook that complements the confidentiality provisions in the non-disclosure agreement, and obtain signed acknowledgment forms from all employees for your handbook;
7) Cross-reference the confidentiality policy in your disciplinary policy and/or standards of conduct and clearly state that misuse or improper disclosure of confidential information could result in disciplinary action, up to and including termination;
8) Conduct employee training to ensure employees know their roles and responsibilities with respect to the Company’s confidential information;
9) Require that any disclosure of the Company’s confidential information to third parties (such as vendors) be governed by a non-disclosure agreement. Just like an employee NDA, you should not grant access to your confidential information until after the third-party signs an NDA; and
10) Create a standardized exit process for employees that includes (a) requiring them to return all Company property, including confidential information (in any format or medium); (b) disabling all computer access email accounts, and remote cloud access to business records; and (c) allowing IT to wipe Company data from the departing employee’s personal electronic devices.
Most of these measures are fairly easy to execute. Do not wait to focus on these issues until a key employee leaves and misappropriates your Company’s confidential information. Implement these measures now and know that when an employee with in-depth knowledge of your Company’s confidential information leaves, your information is protected and you will be well-positioned to send a strong letter reminding the departing employee of their ongoing obligations.