Businesses are storing an increasing amount of their information in the cloud. As such, it’s becoming far more difficult to prevent employees sharing confidential information with competitors. Stealing information may be as simple as forwarding an email containing client information to a personal email address, or copying information onto an external storage device. Employers must then remain alert to protect their business’ valuable assets. This article will outline the steps that prudent employers can take to deter former employees from stealing confidential information.
Include Confidentiality Clauses in Your Employment Agreements
Former employees have an automatic obligation not to disseminate, share or otherwise use any of your business’s confidential information. Nonetheless, it is worthwhile to include an express confidentiality clause in all your employment agreements to ensure that your employee understands that they are legally bound not to use or share your confidential information.
A confidentiality clause will typically define what information is confidential in your particular business context. It is common for them to include:
- obligations of the employer and employee in relation to confidential information;
- a description of when these obligations apply;
- a description of any particular confidential information the employee will encounter;
- a description of parties’ obligations should employment cease for any reason.
Ensure Employees Return All Confidential Information in Their Possession
Companies need to make sure that when an employee is either terminated, made redundant or resigns, they return all confidential information in their possession to the employer. For example, if an employee was using a company laptop or computer in the course of their employment, they should return that laptop along with all the information on it back to the business.
An employer should seek explicit confirmation from a departing employee that they have returned all confidential information in their possession. In a recent Federal Court of Australia case, SAI Global, a leading provider of property information, found that one of its senior business analysts had copied ‘’highly sensitive’’ information onto a USB before leaving the company. The employee was able to make use of that information at his new place of employment until SAI Global obtained a court order that the former employee delivers all confidential information in his possession.
Protect Your Digital Files Via Encryption
Companies seeking to safeguard their confidential information might also benefit from the use of data encryption technology. Data encryption can operate so as to prevent your information from leaving your server. For example, you could monitor and stop emails containing confidential information from being sent to non-company email addresses.
What happens if you take all of the precautions outlined above and an employee still shares your confidential information? The following remedies are available.
Stealing confidential information establishes a breach of contract. As a result, you can terminate the employment contract between yourself and the employee. An employer may also find this an effective remedy in situations where the company is still paying the employee despite him/her leaving (for example, in the form of a redundancy package).
Court orders can prevent any further use, dissemination or sharing of the confidential information. A court can also order that the offending employee pays damages to the company, to compensate for any loss caused by the stolen data.
In SAI Global, for example, the Court ordered the business analyst who copied the documents containing confidential information onto his USB to:
- stop sharing the information further via injunction;
- pay SAI Global’s damages for breach of contract and copyright infringement amounting to just under $10,000; and
- pay a significant amount of SAI Global’s costs in relation to the matter.
Employers should note that the court did not order the respondent (employee) to pay for the entirety of SAI Global’s costs in relation to the matter. This is because, even though the matter arose as a result of the respondent’s actions, the Court held that SAI Global had incurred costs that were disproportionate to the importance and complexity of the matter.
For that reason, employers should consider including in the employment contract an indemnity clause. This will require the employee to ‘indemnify’ (i.e. compensate) the employer for any expenses incurred or losses suffered in connection with a breach of its confidential information policy.
You can read more about pursuing confidential information matters through the courts in our article, ‘An employee has stolen my client list. What can I do?’
It is easier for employees to steal information in our digital world than ever before. Employers can protect themselves from having an employee take their confidential information to a competitor by taking the following steps:
- include confidentiality clauses in all employment agreements;
- ensure employees return all confidential information in their possession upon departure, and
- protect digitally stored files via encryption.
If these safeguards fail, employers can terminate the employee’s agreement or seek court orders to prevent them sharing the confidential information, or to seek financial compensation for any loss suffered.