Skip to main content
IMA Executive News & Views Blog

Whose Information is It? Is Your Non-Disclosure Agreement Protecting You?

Waltz, Palmer & Dawson, LLC is an IMA B2B Partner

Does your company receive, provide or exchange confidential information with your clients, vendors or services providers? If so, your company should have a non-disclosure agreement (NDA). NDA’s discuss the exchange of confidential information between two or more parties and identifies the obligations placed on each party regarding the use and protection of such information.

If your company already has an NDA, have you read it? Recently? It is a good idea to dust off your standard NDA every few years and give it a good review to make sure that it still protects your company as well as it did in the past.

Listed below are a few of the key items to keep in mind while you review your company’s NDA’s. If your current NDA does not address these issues, it is time for it to be updated. If your NDA does address these issues, it is important to make sure that your NDA is drafted in the way that best protects your company and matches your current practices.


  1. Parties

One of the most important things to consider when drafting or updating an NDA is who is going to use it. If your business is made up of multiple entities or business segments, it is important to determine if each entity has the same needs and if such needs can be sufficiently addressed by the same NDA or if each segment needs its own.

It is equally important that the NDA properly identify the involved parties. In order to do so, the NDA should, at a minimum, include the legal name of the involved parties and the state in which they are incorporated or organized.


  1. Mutuality

Is only one party disclosing confidential information or are both parties? If both parties are disclosing confidential information, then a mutual NDA is needed. If only one party is disclosing confidential information, then a unilateral agreement is needed.


  1. Term

The term of the NDA indicates how long the confidentiality obligations imposed by the NDA are to last, for both the information received and the information provided. It is important to determine if a term is appropriate for your information and how long of a term is needed.


  1. Confidential Information

It is important that your NDA explain what is considered confidential information. The definition of confidential information changes based upon the industry you are in and the information that is being exchanged. The definition within your NDA should be tailored for your business and reference the items that you are likely to exchange. If you are the discloser of information, it is a good idea to have the definition of “confidential information” include any summaries or reports which are based upon confidential information that was provided under the NDA.

NDA’s often require that the parties label any confidential information that is shared as “confidential”. If information is shared verbally, an NDA may require that the disclosing party provide written notification to the receiving party that the information shared verbally should be treated as confidential pursuant to the NDA.


  1. Disclosure to Third Parties

Businesses occasionally rely upon and/or use consultants and other third-parties for support and/or to provide additional services. If your business uses third-parties and such parties need access to the confidential information that is being provided, your NDA needs to include the right for you to share any confidential information that is provided to you with such third parties. Often, the other party of the NDA will require, in order for you to share information with the third parties, that you have a NDA in place with such third parties and that your business agrees to be responsible for any leaked information or breaches of the NDA, regardless if such was done by your business or by your consultants.


  1. Standard of Care

When reviewing your prior NDA, it important to make sure that you understand the standard of care that the receiving party must use in protecting the confidential information that is provided and that it adequately protects your information. There are several different standards available, each requiring a different level of security and protection. The level of care required when someone must keep something “strictly” confidential is different than when someone is required to use “commercially reasonable” efforts to protect the information.

It is also important to make sure that the NDA is consistent throughout the entire document as to the standard of care that is to be used. Occasionally, you will see NDAs that are inconsistent and state one standard in one place and then use another standard later in the NDA. This cause a disagreement within the document which can lead to issues later.


  1. Reporting Obligation

What happens if the other side, purposely or accidentally, discloses your company’s information in violation of the NDA or if the information is accessed by an unauthorized third party, such as a hacker during a data breach? What obligations does the other party have to notify you of the disclosure? Is there a time period in which they have to inform you of the disclosure? Is the disclosing company required to work with you in responding to the disclosure or the data breach? A well drafted NDA will address these types of situations and provide guidelines should such an event occur.


  1. Return of Confidential Information

It is common for the NDA to require the parties to return or destroy the information that was provided during the term of the NDA at the end of the business relationship. This is done in order to prevent the party who received the confidential information for continuing to use it after the relationship has ended.

It is important to consider if you want the information returned or if you want such destroyed. Depending on the type of relationship, the other party may be the only one who has certain confidential information which belongs to your company. If you wish for information to be returned, it is important to indicate the manner in which information such be returned; often parties request that it be returned in the same format that it was provided (e.g. an excel workbook is returned as an excel workbook, not as a paper copy of such) to make sure they have the ability use such in the future.

This post only identifies a few of the items that should be considered when drafting or “cleaning” your form non-disclosure agreement (NDA). It is recommended that you consult with an attorney regarding the preparation of this vital and important document.

To view the original article, click here.