What is confidential information?
“Confidential information” can range from contacts, suppliers and customer lists all the way up to “trade secrets” such as recipes or formulas. Such information can be held in any number of different formats from paper to IT systems.
Legally, confidential information consists of two different categories:
- Trade Secrets – these are specific pieces of information that if disclosed would seriously or irrevocably damage the business of a company. They are treated as being of the upmost importance to how a business operates. A good example of this would be the secret formula for Coca Cola. Trade Secrets receive protection even after employment terminates regardless of whether the employee has signed a confidentially agreement.
- Confidential Information – sometimes known as ‘mere confidential information’. This is information important to a business but which cannot be considered a trade secret. A customer list would be a good example of this.
Can we help?
If you are an employer concerned about how to protect your confidential information, take a look at our employment contracts page or give us a call on 0845 225 2635
If you are an employee and you need advice about contractual restrictions or alleged breach of contract, please give us a call.
How do you protect confidential information?
Most organisations have some confidential information and normally it is necessary to share it with employees to enable them to do their jobs. And therein lies the challenge. How do you share it without putting it at risk?
This area of law is known as ‘confidentiality’. Businesses can do a lot to stop employees breaching confidentiality, using the information for their own purposes, or giving out their information to rival companies or the general public. Unfortunately, many organisations fail to take the right precautions – particularly small businesses.
Generally speaking it is possible to lawfully protect confidential information from being wrongfully disclosed or misused.
The implied duty of confidentiality…
All employees have a duty of confidentiality whilst they are employed. This duty is implied into a contract of employment by law and so does not need to be expressly written down. This implied duty protects both “mere” confidential information and trade secrets.
…after employment has ended
However, after employment has ended, only trade secrets are protected by the implied duty of confidentiality. In other words, your confidential information (e.g. customer lists) are not protected unless you have a written confidentiality clause.
Confidentiality clauses in contracts
If you are interested in having contracts of employment drafted, please take a look at our employment contracts page.
Confidentiality Clauses within contracts could:
- describe all confidential information in an accurate enough way to not be ambiguous, but also drafted broadly enough to not be restrictive. This is a fine balance;
- confirm that the clause is ‘without prejudice’ to the individual’s common law duties. This is to make sure that the contractual clause does not inadvertently reduce the common law duties (implied terms) of the employee to confidentiality;
- confirm that the duty continues after employment has ended;
- specify that the employee cannot use confidential information other than for its intended purpose or make copies of the information for his or her own use. It is worth expressly stating this so that all parties understand their duties;
- state that it is the employee’s duty to protect the confidential information for the good of the business. This will cover any accidental disclosures by an employee and puts a positive requirement on them to ensure confidentiality and to not assist others in breaching this;
- include a section that includes a duty on the employee to report any disclosures that they become aware of to the company. This is a useful clause for employers who believe that several individuals are complicit in disclosing information but cannot establish exactly who this was, but none of them reported this to the company; and
- finish with a section regarding termination of employment. This needs to be carefully drafted to ensure that the employee delivers all confidential information to the company on or before their termination. This will include all electronic media stored on their personal devices. Once this has been delivered up and only after the company has received all of their information, there must be a positive requirement of the employee to delete and destroy all the data stored. The company should also retain the right to request proof from the employee that this has occurred.
Tips in protecting your information
The first tip is to sit down and work out what confidential information you actually have! This is something that is often overlooked. Let’s call it a “confidential information audit”. List the information out, and then, for each category, confirm how confidential the data is – does it amount to a trade secret for instance?
Secondly, work out who has access to that information and how. Ensure the access rights are appropriate for each class of information.
Thirdly – and this is key – ensure that each format in which the information is held clearly marks the information as confidential. This is so important and so often overlooked. If you have a confidential list of clients, for example make sure that:
- The folder it is stored in is headed “confidential”; and
- Ensure the list itself is headed “confidential”; and
- List the client list in the definition of confidential information in the employee’s contract of employment.
If any of the information amounts to a trade secret, then you should probably have the employee specifically sign a document which confirms they understand that it is a trade secret and that they understand the implications of that.
What information cannot be protected?
Own skill or know how
In order for information to be protectable the information should not be the employee’s own “skill or know how”. Information that is solely in relation to the employee’s own skill is their property and cannot be restricted by a confidentiality clause.
Information that is already in the public domain has no element of confidentiality and its disclosure cannot be restricted by a company.
Public Interest Disclosures
Employers cannot lawfully restrict ‘whistleblowing’ statements from being made to regulatory bodies or the media is they disclose confidential information which in the public interest. See Whistleblowing for more information on this.