Our business protection checklist helps clients identify ways to protect valuable customer connections and confidential information. We assist clients to conduct business protection audits, update contracts and policies, and to enforce confidentiality obligations and post-employment restraints.

Consider the following 25 questions to help identify if your business may benefit from taking steps to strengthen its business protection measures.

  1. Do your employment contracts provide sufficient notice of termination to give you time to take positive business protection measures before the employment ends?
  2. Do your employment contracts include a right to direct an employee on gardening leave during the employee’s notice period?
  3. Do your employment contracts include a ‘return of property’ obligation on termination of employment, and deal with the ownership of professional networking profiles, such as LinkedIn profiles?
  4. Do your employment contracts include a post-employment restraint? If yes:
    1. Do you use a ‘boilerplate’ clause or tailor restraint obligations to the employee’s particular role? The latter is vital.
    2. Do you have a process for identifying the customer and trade connections and confidential information you need to protect by that restraint?
    3. Do you have a process for identifying which employees should be subject to a restraint, taking into account customer and trade connections, confidential information accessible in the role and the employee’s capacity to damage the business?
  5. What activities do you wish to restrain?
    1. Competition? Have you carefully defined a "competing business"? Have you considered naming competitors?
    2. Solicitation of customers and clients? Is this appropriate given the employee’s role?
    3. Solicitation of suppliers? Is this appropriate given the employee’s role?
    4. Solicitation of employees and contractors? Is this appropriate given the employee’s role?
  6. Is the geographic area of the restraint appropriate based on the area in which you do business, and the employee’s role?
  7. Is the period of the restraint appropriate based on how long you will need to take positive steps to protect customer and trade connections and confidential information?
  8. Will you use "cascading" restraints? This can be particularly important outside New South Wales.
  9. Do your restraints include an acknowledgment as to the reasonableness of the restraint, and that damages may not be an adequate remedy?
  10. Do you give employees the opportunity to obtain independent legal advice about the restraint before signing the contract? Does your contract acknowledge this?
  11. Do your employment contracts include a "confidential information" clause? If yes:
    1. Do your employment contracts expressly restrict the unauthorised use or disclosure of "confidential information" both during and after the employment?
    2. Do you have a process for identifying what is "confidential information" to your business?
    3. Do you have a process in place to secure your "confidential information"?
    4. Do you have a process in place to put employees on notice that certain information is considered to be "confidential information"?
    5. Is the definition of "confidential information" broad enough to capture all of the confidential information of your business, including commercially sensitive information?
  12. Do your employment contracts include an "intellectual property" clause? If yes:
    1. Is there any particular intellectual property that is special to your business that you should specify to be the property of the company in your employment contracts?
    2. Do you include a "moral rights"clause?
  13. Do you have a workplace surveillance policy that complies with the requirements of the Workplace Surveillance Act 2005 (NSW) to monitor computer use and emails?
  14. Do you have a ‘work from home’ or ‘information technology’ policy that addresses confidentiality and security of information for employees who work from home or have remote access to work systems?
  15. Do you have a social media policy?
  16. Do you have a process in place to communicate relevant policies to new and existing employees?
  17. Do you conduct periodic training about relevant policies and keep appropriate training records?
  18. Do you have a process in place for reviewing relevant policies from time to time, for example, to keep up with advances in technology?
  19. Do you reserve yourself the right to vary or replace policies from time to time, and ensure that, where appropriate, policies do not operate contractually?
  20. Do you have a process for requiring employees to sign a new employment contract on promotion or transfer to a new role?
  21. Do you have a process for periodically reviewing restraint and confidentiality obligations for long serving employees?
  22. Do you employ staff through a related service company? If a service company is the employer, do your restraint and confidentiality obligations protect the trading company?
  23. Does your IT system have the capability to monitor unusual transfers of confidential information or intellectual property, and raise an alert?
  24. Do you have processes in place to assess and manage risks associated with the potential misuse of confidential information or intellectual property by employees working flexibly?
  25. Do you have exit procedures in place to assess and manage risks associated with the potential misuse of confidential information or intellectual property by employees leaving the business, such as conducting computer and email audits in accordance with workplace surveillance laws?