So I Just Need One Confidentiality Agreement Template, They’re All Just Forms, Right?
Wrong, and sometimes dangerously wrong from a legal and business perspective. There are many different types of confidentiality agreements, also known as non-disclosure agreements (NDAs), and choosing the right type (and the terms and conditions in them) is important for each transaction.
As you can see, there are different types of NDAs for different circumstances. Many will contain similar legal concepts, but these concepts are often deployed in significantly different ways. And some NDAs have terms and conditions that are common in one type of NDA, but that you would rarely see in another type of NDA.
Indeed, in some cases, certain terms in one type of NDA would violate the law if they were included in another type. Thus, care must be taken to ensure that you are using a NDA that is appropriate for the context in which it is being used.
Confidentiality agreements are often the first thing topic that comes up when parties want to start discussions with one another, and choosing an inappropriate form of NDA can get things off to a bad start and have a negative impact on the potential relationship.
What Are Some Of The Key Things A Confidentiality Agreement Might Address?
There are several important concepts that are typically included in a confidentiality agreement. Here are some you often see included:
These are just examples of concepts you will find in confidentiality agreements, but their deployment and the language used can vary significantly depending on the context.
What About Third Party Confidential Information?
An organization typically accesses, uses and holds a significant amount of confidential information of third parties. For example, a business may hold significant confidential information about its own customers, vendors, and contractors that it is required to keep confidential by express confidentiality and non-disclosure provisions in its commercial agreements.
Some of this information may be subject to laws governing personally identifiable information (PII) or personal health information (PHI), and additional provisions may be needed to address the related compliance issues.
When contracting, organizations have to keep in mind what confidential information it has that needs to be protected – whether its own or that of third parties – or more often than not, both. In some cases, the terms and conditions of a commercial agreement require that any further sharing of confidential information, such as by a contractor with its subcontractor, is only permitted subject to specific contractual requirements.
What About The Defend Trade Secrets Act (DTSA)?
The Defend Trade Secrets Act (DTSA) is a federal law in the United States that provides a private cause of action for trade secret misappropriation. The DTSA allows individuals or businesses to file a lawsuit in federal court to protect their trade secrets and seek damages for any misappropriation.
The DTSA provides a range of remedies for trade secret misappropriation, including injunctive relief to prevent further disclosure or use of the trade secret, damages for actual loss and any unjust enrichment caused by the misappropriation, and attorney’s fees in certain circumstances. The DTSA also includes provisions for ex parte seizure orders, which allow a court to order the seizure of any property necessary to prevent the dissemination of a trade secret, in exceptional circumstances.
The DTSA includes a notice requirement for employers that wish to take advantage of the immunity provisions for reporting a suspected violation of the DTSA. The DTSA provides immunity for individuals who report a suspected violation of the DTSA to their employer or to a federal official, as long as the individual acts in good faith and has a reasonable belief that the information reported relates to a violation of the DTSA.
To take advantage of this immunity, an employer must provide notice of the immunity provisions to its employees, contractors, and agents in any contract or agreement that governs the use of a trade secret or other confidential information. This notice can be provided through a variety of means as specified in the DTSA.
Data Security Requirements in NDAs
NDAs often have specific security requirements tied to how confidential information should be protected, maintained and stored. In some NDAs this may be tied to detailed requirements and examples, especially with embedded NDAs in commercial agreements such as Master Services Agreements or Professional Services Agreements where sensitive data, PII and PHI are involved, or where laws and regulations impose specific requirements.
Other simpler NDAs may have a requirement that the recipient treat the confidential information with the same degree of care that they use to protect their own confidential information of a similar nature, but in no event less than a reasonable degree of care.
We Have A NDA In Place, So We Can Disclose Our Secret Sauce, Right?
In short, no. Even with a NDA in place, most organizations do not disclose their most sensitive information to third parties. A NDA is a contract that must be enforced, and only disclosing what needs to be disclosed is considered by most to be a best practice in not having to get involved in expensive litigation over a breached NDA. NDAs are like other contracts, and if they are breached the party suffering damages often must sue to obtain equitable relief and monetary damages.
Litigation is expensive and time-consuming, and not disclosing your most sensitive information is a good way to manage risk. By not disclosing sensitive information, and limiting disclosures to what is needed to continue discussions and services, a party to a NDA can limit serious damage should a breach occur. Some NDAs will contain an attorneys’ fees provision (i.e., permitting a party to collect attorneys’ fees in the event of a breach), but not all do. Like all commercial agreements, many parties do not want to expose themselves to attorneys’ fees which can often exceed the amount of damages.
However, as is the rule generally with limited exceptions, not including an attorneys’ fees provision may mean that you cannot collect the amounts you pay your attorney to enforce the NDA. While certain statutes and court rules may provide for the possibility of collecting attorneys’ fees, the safest way to ensure you will be able to collect them is to include an appropriate provision in your NDA. With mutual NDAs, this typically means exposing yourself to attorneys’ fees as well should you breach the NDA, which is why some parties to NDAs make the decision to include an attorneys’ fee provision on a case by case basis (and often only when they feel they will benefit).
The flip side of this issue is whether or not you are comfortable receiving certain confidential information from the disclosing party. In many situations, it is wise not to have certain types of another party’s confidential information in your possession as it becomes vulnerable to third parties who may try to access it. Further, receiving confidential information from a third party can also raise the risk of claims between the parties, especially where confidential information could be exchanged that both parties believe they own. This issue is often addressed through exceptions to the definition of Confidential Information, but claims can still arise regardless of this language.
What Else Can I Do To Decrease Confidentiality Risks?
Organizations should not rely solely on contracts to manage risk. Instead, they should employ a multi-pronged approach to confidentiality risks. These can include:
Shared by Geoffrey G. Gussis, Esq., a business lawyer and technology lawyer licensed in New Jersey and New York. Learn more about me, the legal services I provide, and articles I have written. Contact: geoff@gussislaw.com or (732) 898-0549 or (646) 389-2946 for a free consultation.
The materials available at or through this website are for informational purposes only and do not constitute legal advice. You should contact a licensed attorney in your jurisdiction to obtain advice with respect to any particular issue or problem. Use of and access to this website, or any of the information or links contained within the website, does not create an attorney-client relationship.