Protecting Confidential Information

With increasing employee mobility, together with the problems of enforcing restrictive covenants, protecting confidential information has become centre stage. Confidential documents in the wrong hands have significant implications for a business trying to maintain its competitive advantage.

Confidential information is relatively easy for employees to misappropriate. Information can be physically copied, emailed as attachments to private email accounts, or transferred onto memory sticks. Unless an employer obtains specialist computer forensics support, detecting theft of confidential information is extremely difficult.

Types of Confidential Information

• Trade secrets: technical or commercial information offering a competitive advantage. Courts tend to have no hesitation in enforcing employee obligations.

• Mere confidential information: commercially sensitive but not amounting to trade secrets. Express contractual obligations are important for protection.
• Employee skill and knowledge: not usually protectable.
• Public domain information: not protectable.

Contractual Obligations

• Employment contracts should include express confidentiality clauses.
• Clauses should clearly define what constitutes confidential information giving exhausted examples if possible.
• Policies should reinforce confidentiality obligations across departments.

Protective Measures

• Limit access to sensitive material on a need-to-know basis.
• Implement IT controls and monitoring tools, making sure that there express contractual rights to monitor employees and data.
• Ensure company property and data is returned on exit.

Responding to Breaches

• Act swiftly to investigate — forensic IT support may be necessary.
• Maintain GDPR compliance when handling employee data.
• Consider injunctive relief, delivery-up orders, or damages claims.