How Do I Mitigate Risk After I Sign an NDA?

One of the easiest ways to ensure that your business does not inadvertently disclosure proprietary information is to make sure that your agreement includes a strict and well-defined marking requirement. This means that when any confidential information is exchanged, that the information is clearly marked as falling under the scope of the NDA’s protection. This helps companies avoid any day-to-day confusion about whether information is protected.

For example, suppose an employee of Corporation A sends information to Corporation B via email. The Corporation A employee assumed that the information would be considered confidential and covered by the NDA. However, the recipient at Corporation B was not aware of any nondisclosure restrictions, and forwards the email to others. The forwarded email could be considered a breach of an NDA that lacks a clear marking requirement.

If a marking requirement is in place, then any information that is clearly marked as confidential is covered under the NDA. Any information that is not marked, falls outside of the NDA’s protections. In our example, if the employee at Corporation B failed to mark the email as protected, then Corporation B cannot try to sue for the disclosure.

When negotiating an NDA, it is crucial that you insist upon capping the damages available in the case of a confidentiality violation. It’s a good idea to explicitly limit damages to the compensatory value of the intellectual property itself. If this isn’t laid out in black-and-white, the other party may attempt to seek special damages. For example, if damages aren’t capped, a party who was harmed because of an NDA may claim that they experienced extensive business losses because of the compromised intellectual property that are not directly related to the value of the IP alone. Limiting damages to the reasonable licensing value of the protected information could save your company a lot of money down the road.

When drafting and negotiating a nondisclosure agreement, it’s important to include a crystal-clear definition of disclosure. This means, that the agreement provides a clear, specific scope for the disclosure, including who is allowed to view the information and for what purposes.

It’s a good idea to specify one person or a very limited amount of individuals as a point of contact for the protected information. The agreement should state that protected information should only be sent to specific individuals, like a certain attorney in your legal department or a particular executive working directly on the matter. This way, if the information is sent to another employee who is not aware of the NDA, it will be considered published by the other party and no longer covered by the NDA. Without a designated point of contact, the other party could accuse your company of violating the NDA. A single point of contact keeps things simple and information protected.

The final tip to remember is to use secure electronic and physical storage methods for the protected information. Be sure to utilize password protected documents, encryption and careful retention of any physical information.