Skip to Main Content
by KELLY GRIFFIN | March 10, 2009

Share

The time to think about keeping company trade secrets and proprietary company data secure is today and every day. It starts before a new employee is hired, during employee orientation, and as a normal part of routine company operations. HR professionals play an integral role in security-specifically during the hiring process and the new employee orientation program.

Richard J. Bernes, founder of the Bernes Group (http://www.bernes. com), a Los Gatos, California-based firm that offers a wide range of solutions in the areas of security consulting, investigations, and litigation support, says that protecting your company's intellectual property and making certain that your new employees don't bring another firm's trade secrets with them are critical issues for your company's success.

Bernes, a former 20-year specialist with the FBI, provides a definition for a company's intellectual property: "Trade secrets - information that a company has that they feel should be guarded from public exposure. It's proprietary information owned by the company that they don't want their competitor to have."

Nondisclosure agreements fill legal need. Bernes recommends that all new employees sign nondisclosure agreements (NDA) that prohibit them from sharing proprietary information with other individuals outside the company. "This agreement should also include a [second] section that states that the employee has not brought any trade secrets or other proprietary information with them from their former employer," he adds.

This second section is as critical as the first section of the agreement. Bernes explains that if a new employee at some later date shares proprietary information from a former employer with the new employer, a lawsuit regarding stolen competitive or design information, or even a federal criminal charge, could be levied against the employee and the current employer by the former one. The signed NDA may become an integral part of the current companys legal defense.

"Wait, back up," you say. Criminal charges? That's right - a federal law passed in 1996, the Economic Espionage Act (U.S. Code Title 18, Sections 1831 and 1832) covers and provides criminal penalties for the sharing of information "that will benefit a foreign government, foreign instrumentality or foreign agent," as well as for the "theft of trade secrets."

Having new employees sign an NDA is just the initial step in protecting your company. Employees may unwittingly share proprietary information because they have not been trained to recognize what intellectual property is, how to guard against others stealing it, and how to protect their own work areas.

Bernes gives as an example the habit of many engineers to keep daily logs on current projects that are actually detailed diaries of the entire workday, including detailed notes, descriptions, and even formulas used in current projects. "Much of that information walks out the door with them [when they resign] unless the company specifies upfront that the logs are their property," notes Bernes.

Another area of intellectual property that employers should focus on regarding security is e-mail. Having an employee e-mail policy and monitoring system for outgoing messages is important. Proprietary information can easily be sent out through e-mails and the attachment of company files to e-mails.

Security training makes sense. New employee orientation is a good place to begin the educational process regarding security of intellectual property and the need to keep former employers' intellectual property confidential. To assist companies in guarding against intellectual property theft, Bernes suggests highlighting the following discussion points during orientation:

  • The definition of intellectual property including practical examples that employees can relate to, such as technology or design information, sales information, client lists, etc., and asking employees for questions and other examples.

  • Policies regarding NDA agreements and content covered by them.

  • Employee e-mail policies and monitoring systems.

  • Computer security. This includes:

    • Making certain that desktop computers have login codes and that, at day's end, each employee signs off, making access to their computer data impossible.

    • Reminding employees that even when they leave a work area for a brief period, such as for a meeting or lunch, they should log off the computer so that no one can take advantage of even a brief absence to access information.

    • Securing laptop computers with login codes, locks, and constant close guard. In the United States and Canada, over half a million laptops are stolen each year, notes Bernes. The proprietary data on them could be invaluable to a competitor.

  • "Hard copy" security, including:

    • Erasing whiteboards [or blackboards] that contain valuable data after meetings and before the workday's end. These can hold significant trade secrets and proprietary information.

    • Shredding documents that are no longer needed instead of throwing them in the trash where others might find them.

If much of this information seems like common sense, that's because it is, Bernes emphasizes. Unfortunately, Bernes says that many companies neglect to spend time or resources on security or security training, particularly on protecting intellectual property, until a security breach occurs. Using 20 to 30 minutes of new employee orientation time with follow-up refresher sessions for employees on an annual basis could make a major difference in protecting a firm's intellectual property.

Share

Filed Under: Workplace Issues

Want to be found by top employers? Upload Your Resume

Join Gold to Unlock Company Reviews

Newsletter
Subscribe to the Vault
Newsletter

Be the first to read new articles and get updates from the Vault team.