
From our first meeting, the client insisted that their
unique process was a closely-guarded secret.
We were told that only a few trusted employees understood or had access
to information about it. Their whole
case was based on that. The problem? When we toured the manufacturing plant, we
discovered that the secret process was described in lists and diagrams posted
on the wall of a room where employees came and went all day, and where plant
visitors were sometimes brought during tours.
In the minds of our client’s upper management, the process was secret,
but in reality it was not kept confidential.
Our case against the ex-employee was much weaker than it would have been
if the company’s valuable information had actually been the closely guarded secret
our client seemed to think it was.
We thought of this case when we reviewed proposed
legislation that creates a federal trade secret claim. We are also very aware of the vulnerability
of companies’ trade secrets in the event of a data
breach. Even absent a data breach, a
company’s failure to secure trade secrets and confidential information within
its internal information management system is the electronic equivalent of posting
that secret process on the plant wall: if everybody can access trade secrets,
they don’t qualify for legal protections.
Here are some practical steps companies can take to
protect confidential information and trade secrets from internal and external
threats:
-
Figure out what trade secrets or confidential and proprietary information you have.
-
Determine where and in what form (i.e., electronic or hard copy) this information is stored.
-
Identify who, inside and outside your organization, needs access to this information, and when.
-
Take appropriate steps to restrict access. Lock the file cabinet, don’t allow confidential documents to be left out on desks, and create protocols for access to electronic files and data.
-
Explain why access to information is being limited, and train employees about the importance of protecting these business assets.
-
Investigate and, if appropriate, take corrective action if unauthorized access or misuse of confidential information is suspected.
-
Don’t lose track of this issue. Trade secrets change. People come and go. Information systems evolve. Through it all, however, confidential and proprietary information has value that should not be put at risk.
Posted by Judy Langevin