Never be complacent when it comes to protecting confidential information, because once confidentiality has been lost, it’s lost forever, writes Grid Law founder David Walker.
If you want to share confidential information, you should always use a non-disclosure agreement (NDA). However, as we saw in my last article, there’s always a risk of problems occurring.
For example, the person you disclose your confidential information to may breach their agreement, they may use the information for purposes you have not allowed, or they may make it public without your permission.
These problems can have serious consequences for your business. So, in addition to relying on an NDA, you should also follow my seven practical tips for protecting confidential information.
Ensure all confidential information is clearly labelled as being “confidential”
To you, it may be obvious that your information is confidential, but that’s not always the case for the recipient. To avoid any doubt, all documents and the folders you keep them in should be clearly labelled as “confidential”.
If you’re emailing confidential information to someone, make sure the title of the email clearly identifies it as confidential.
If you hand someone confidential documents, tell them the information they contain is confidential and that you’re disclosing it in accordance with the terms of the confidentiality agreement you have signed.
If you’re discussing confidential information, make it clear that the information you are discussing is confidential and that they should not repeat it.
If you’re disclosing confidential and non-confidential information at the same time, keep it separate.
Provide hard copies instead of electronic documents
Electronic documents are easy to copy and share at the touch of a button. This makes them very convenient, but this also makes them very risky for confidential information. It’s not so easy to copy and share paper documents.
So, if possible, hand out paper copies of confidential documents in a meeting rather than emailing them. The attendees can then review the information disclosed, and you can collect the documents at the end of the meeting, ensuring no unauthorised copies having been taken.
Keep records of what information has been disclosed and to whom
Always keep records of what confidential information you have disclosed to a recipient and when. This is important because it will help you to trace any unauthorised disclosures of the information. It will also be crucial evidence if you need to take legal action to claim compensation for any breach of an NDA.
Many non-disclosure agreements contain a provision requiring the recipient to return or destroy your confidential information when the agreement comes to an end. If want to enforce this provision, you need to know who has copies of what information.
Use passwords and encrypted files for electronic documents
As I have said before, once confidential information has been made public, there’s no going back. You can’t make it confidential again, even if the disclosure was accidental.
One way to help prevent accidental disclosure is to encrypt electronic files and ensure only authorised individuals know the password. Then, if files are accidently sent to the wrong person, they cannot be opened and your confidentiality is preserved.
Encryption also has another advantage. It can help prevent inquisitive eyes looking at something they shouldn’t!
Education is key
Don’t assume that everyone understands what can and cannot be done with confidential information. Professional advisors will understand their obligations, but your staff or the staff of the recipient of the information may not.
Therefore, ensure your staff are properly trained in dealing with confidential information and have procedures for them to follow to safeguard its secrecy.
Before passing confidential information to the recipient, ensure that their staff have been told that they’re going to receive confidential information and that they’ve been properly trained to understand what this means and what they must do to keep your information a secret.
Create a data room
Data rooms are frequently used to protect confidential information during the sale of a business. All the information is kept in one place and potential purchasers are able to enter the room to review it. As well as agreeing to keep the information in the data room confidential, there are usually other rules that visitors must agree to, to protect the information.
These days, the data room doesn’t have to be a physical location. Virtual or electronic data rooms can also be used too.
If you don’t trust the person you’re disclosing confidential information to, don’t disclose it
Ultimately, if you have any concerns about someone’s ability to keep your confidential information a secret, or you think they may use the information for purposes which you have not permitted, don’t disclose it to them.
Whilst they may be under a legal obligation to protect the confidentiality of your information, and you would have the right to compensation if they breached their NDA, legal action is something to be avoided if you possibly can.
If you absolutely must share the information, share as little as you can get away with and take every precaution you can.
If you have any questions about protecting confidential information, email me at firstname.lastname@example.org and I’ll be happy to answer them for you.
Catch up on the rest of David’s latest series:
- The benefits of a shareholders’ agreement for small business owners
- The benefits of non-disclosure agreements for entrepreneurs
- How to overcome common problems with non-disclosure agreements
Sign up to our newsletter to get the latest from Business Advice.