This month we continue to look at the subject of protecting confidential information, and business interests, through the operation of the employment contract, as well as summarising some of the other non- contractual day to day practises employers can operate to keep commercially sensitive and confidential information safe and secure.

Drafting confidentiality clauses/agreements

In our last article, focusing on the use of post termination restrictive covenants, we referred to the general implied duty of confidentiality on employees, and its limitations, particularly after the employment relationship ends.

There have been conflicting case authorities on the extent to which an express duty of confidentiality can cover anything short of a trade secret of termination of employment.  However, if properly and precisely drafted, having a confidentiality agreement can have the desired effect of protecting business sensitive information via appropriate contractual and legal means.

Labelling information as confidential within the contract will not necessarily convince the courts that the information is confidential in the legal sense.  Information regarded by the Company as being confidential must be treated as such in the normal course of business.  For example, labelling customer lists and sales statistics as "highly confidential" and generally restricting access to such information will both assist. An effective confidentiality clause, or agreement should contain the following key elements.

• A definition of the confidential information to be protected. This should specify the nature and type of information that the company wants to protect, and leave no room for doubt if an alleged breach was ever challenged. In drafting the clause, the employer should have in mind the types of information that an employee is likely to have access to and ensure it is expressly referenced.

• Specify the purpose and permitted use of the confidential information.

•  Clearly specify the circumstances in which such information may be disclosed.

• Detail the procedure for return or destruction of confidential information.

• Consider whether confidentiality clauses in contracts of employment need revision as employees become more senior within an organisation or move into different roles.

• Consideration i.e. payment or some other value, given in exchange for an obligation. This comes back to basic contract law principles which require there to be an offer, acceptance and consideration in order for a legally binding contract to exist. In many cases a confidential information clause will be contained within the employment contract at the outset of the employment relationship, and the offer of employment is arguably valid consideration in return for the employee entering in to those obligations. However, the imposition of any new or revised confidential information clause or agreement during the employment relationship, or on termination of it should be carefully considered. In those circumstances, employers should give thought to what additional consideration may need to be given in order to give the agreement legal enforceability. Executing an agreement as a deed may negate the need for valid consideration, but legal advice is recommended on matters which could impact on future enforceability.

It is important to remember that the operation of a confidentiality clause cannot prevent an employee from making a ‘whistleblowing’ protected disclosure within the meaning of article 67A of the Employment Rights (Northern Ireland) Order 1996. This should be expressly carved out in the contract. Other exclusions that will be commonly carved out from the duty of confidentiality are:

• complying with an Order from a court or tribunal to give evidence;
• doing or saying anything that is required by HMRC or a regulator, ombudsman or supervisory authority;
• reporting a criminal offence to the police or another law enforcement agency, and co-operating with a criminal investigation or prosecution; or
• information that is already in the public domain, or become public by a means other than a breach of the confidentiality agreement with the employee.

It is important that organisations asking individuals to agree to confidentiality arrangements ensure that it is understood that nothing in the clause prevents the individual from reporting serious wrongdoing or co-operating with criminal or regulatory investigations.

Protected Confidential Information Through Good Practice and Policy

Outside of express and implied contractual provisions, there are a number of practical steps an employer can take on a day to day basis to protect its confidential information, such as:

• Minimising the number of employees the business shares confidential information with. Before sharing, consider who the information is proposed to be shared with and ask why you are doing so.
• Clearly marking sensitive information as ‘confidential’, with a caution not to over-use the marking on all documents otherwise it may risk the protection given to the documents that genuinely contain information that is of a commercially sensitive nature.
• Regularly monitoring the use of email, photocopiers and similar devices. Ensure information security policies set out the rules on use and inspection of IT equipment, as well as the expected standards of conduct to be adhered to by employees. See our previous feature on IT and Information security policies.
• Implementation of a social media policy clarifying how it is permitted to be used (if at all) in the workplace and clarify the potential ramifications of inappropriate use. Where use of social media platforms are permitted for business, such as LinkedIn, consider including provision that a former employee must delete contacts created in the course of work.
• Operating password protection and security on databases, and keeping confidential hard copy documents under lock and key.

Conclusion

Use of agreements covering confidentiality post termination restrictive covenants can be an effective means of ensuring that the trade secrets and business sensitive information belonging to the Company remain protected even after the employees with access to it move on.

However, careful consideration should be given to the drafting and implementation of such clauses to maximise the chances of the clauses being legally enforceable in the event a business finds themselves faced with a potential breach.

A one size fits all approach will not apply, so before putting pen to paper employers should consider  exactly what information they want to protect, and the employer-employee relationship it applies to. Depending on the role and seniority of the employee in question, their access to trade secrets and confidential information will vary significantly.

Outside of contractual agreements, businesses should review their day to day operations, to ensure they have appropriate practices and procedures in place which set out clear standards and expectations with regard to the use, storage of and handling of confidential information.