ass2- T333 (1)
2 C Risk plan
3 A,3 B
Information that must be protected
The information will be kept confidentially
Except where it qualifies for intellectual property rights (IPRs) protection (e.g. copyright, database rights, patents etc), information will usually only be protected as a business asset if it is kept confidential. Confidential information can relate to any subject matter and be stored in any form (whether hard copy, electronic or even stored in people’s minds). Examples of confidential information include a new product design, a marketing strategy and software code.
Confidential information is often only valuable if it can be used. Such use of information will invariably involve, (a) storage of the information in an accessible form; and (b) its disclosure to others. Storage and disclosure should be carried out in circumstances which physically protects the information and allows it to maintain its status as protected confidential information.
Storing the secrets
Confidential information can be stored by businesses in a variety of ways, e.g. filing cabinets, PC hard drives and in people’s minds. Security measures appropriate to the method of storage and relative value of the information should be put in place. There are particular problems associated with protecting information stored on a computer network or accessible via an internet link which should be addressed
Sharing the secrets
Confidential information may be disclosed when discussing business proposals with clients, using employees to carry out work, engaging third party contractors and communicating business information to suppliers. This disclosure may take place face-to-face, over the telephone, by fax, by email or over the internet. Again, you should consider the method of disclosure and assess what measures you can take to ensure the information remains confidential.
One way of maintaining the secrecy of information is by imposing specific confidentiality obligations on its intended recipients. These obligations can be set out in confidentiality letters/agreements and notices (on documents, faxes, emails, etc.). It is crucial that you impose these obligations befo...
Employees and confidential information
Employees automatically have duties to their employers to not knowingly misuse or wrongfully disclose their employer’s confidential information. These obligations are also often expressly confirmed in their employment contracts. If these employees leave a business, the business is less well protected. The courts will generally only protect the more important trade secrets of a business and will be reluctant to restrict ex-employees from subsequently using less critical information. To increase the chances of being able to restrict use of confidential information by ex-employees, it is important that a business can show that, (a) the ex-employees knew that the information concerned was highly confidential; and (b) appropriate measures were taken to protect the information.
Over-reliance on confidentiality agreements
While confidentiality agreements and express confidentiality obligations in employment contracts are useful tools in protecting information, they should not be over-relied upon. Such agreements may allow damages claims in the event of wrongful use or disclosure of confidential information. However, such compensation may be too little too late if the knowledge underpinning a competitive advantage has been disclosed to competitors. Furthermore, it is often difficult to trace the source of a confidential information ‘leak’. The golden rule is that information should be kept secure on a day to day basis and only be disclosed to employees, contractors etc where it is necessary in the circumstances.
Assessment and Evaluation
You've reached the end of your free preview.
Want to read all pages?