Insights
Publications

Trade Secret Hygiene for Current Employees

December 31, 2019 Articles
ACCDocket.com

Published on ACCDocket.com. By Walt Norfleet, Smiths Group plc and Eugene Y. Mar, Farella Braun + Martel LLP

In the first two parts of this series on best practices in protecting trade secrets, we addressed risks raised by the arrival and departure of key employees at companies, and failed potential customer-supplier or acquisition scenarios. In this third and final article, we discuss the importance of maintaining good trade secret hygiene for current employees and recommend a few best practices.

Information security policy

While preparing such a policy in the first instance can be a burdensome challenge, start small. Document basic policies around when employees are permitted to share confidential information outside the company and in what format. It can be helpful to define categories of information, such as public information, internal information, confidential information, and strictly confidential information. Including a menu of characteristics for each classification in your policy along with examples can go a long way in promoting compliance by employees.

You may also want to define protection strategies for each classification. For instance, technical or sales information valuable to a company may require basic password protection access restrictions based on an employee’s “need to know.” More critical information, such as highly valued trade secrets or strategic business information, may be characterized as strictly confidential, requiring more stringent controls, including signoffs from senior leadership prior to sharing.

For technology companies, the importance of documenting key changes to source code and architectural specifications cannot be overstated. Document the primary changes, when they happened, and by whom. Should a company find itself in litigation, being able to establish when particular features were developed will be an important issue.

If your company already has a policy, then be sure to train employees on it on a regular basis.

Train, train, train!

The adage that “you’re only as strong as your weakest link” is particularly true when it comes to training current employees. If one employee carelessly forgets a flash drive containing confidential technical or business files at an airport and compounds the error by failing to encrypt or password link the flash drive, the secrecy around that information could be lost.

Best practices for training come in all shapes and forms. The key is to have an information security policy in place and train employees on its content frequently. Commonly, information security training is done at the time the employee is hired ⁠— during new hire orientation. Additional training could be done during an employee’s performance review, right after a promotion, and when an employee departs.

These trainings can be conducted as an all-hands meeting or a lunch-and-learn. Having a quick guide on the classes of information in your policy, and how each class should be run, can provide a reminder and reference whenever questions come up. Such quick guides may include physical brochures that employees can place on their desks and electronic guides or apps that can help employees classify and mark information appropriately.

Often, companies will forego training because it is burdensome or disruptive to the workflow. To minimize this burden, one best practice is to train employees by having them fill out mandatory, online five- to 10-minute quizzes semi-annually or annually.

The quizzes can, for example, present hypothetical scenarios in the form of a cartoon filmstrip followed by a series of questions asking employees to identify the risks. These brief quizzes can be very effective in reminding employees of information security policies at the company.

Some companies have implemented annual renewals whereby employees have to click through an online portal to:

  • Reaffirm their obligations under their employment contract (including confidentiality); and
  • Complete the information security quiz.

Employees must complete this annual renewal in order to regain access to the company’s storage servers and central document repositories.

Enhancing training by promoting a culture of innovation

For technology companies, effectively competing in the marketplace requires constant innovation. A culture of innovation promotes the importance of protecting that technology, whether that protection is sought through patent protection, copyright, or as a trade secret. The idea is that employees who are invested in developing new technology will be most incentivized to protect them.

To further enhance this culture consider asking employees in their annual reviews to characterize their contributions to company trade secrets — of course being mindful not to share critical information that those viewing the review might not be entitled to see.

Don’t forget the obvious

What can a passerby see when they walk by the windows outside your conference room? What can a visitor see from the lobby? Try it and find out!

Some information security consultants literally walk around the outside of a building and use their mobile phones to photograph what can be seen through a window while casually walking by in a parking lot. These exercises reinforce the importance to employees of maintaining good hygiene practices.

Conclusion

Maintaining good trade secret hygiene doesn’t have to be a burden. Many of the best practices suggested are best implemented as part of semi-annual or annual employee reviews. Implementing these best practices will help minimize the risk of inadvertent disclosure of trade secrets.

In addition, should the company find itself in the position of having to enforce its trade secrets litigation, these best practices will be presented to the judge and jury as the company’s reasonable measures to protect its secret — one of the core legal requirements to proving that trade secrets existed.

About the Authors

Walton Norfleet is IP counsel at Smiths Group plc. He handles a wide variety of IP-related matters and has broad experience in the industrial, energy, medical, and software fields. [email protected]

Eugene Y. Mar leads the technology industry group at Farella Braun + Martel. He specializes in trade secrets, patent, and IP licensing litigation and advises both Fortune 100 and emerging companies on best practices for trade secret protection. [email protected]

Firm Highlights

Publication

Protecting Your Internal Intellectual Property Investigation: Privilege and Work Product Under California and Federal Law

As California begins preparing to ease shelter-in-place restrictions, the state’s technology industry is facing the most challenging economic circumstances in recent memory. The state’s technology companies may place new demands on in-house intellectual property...

Read More
News

Farella Braun + Martel Attorneys Named 2020 IP Stars by Managing Intellectual Property - Firm Recommended for Patent Litigation

Farella Braun + Martel’s James L. Day , Jeffrey M. Fisher , Eugene Mar , Stephanie P. Skaff and Roderick M. Thompson have been named IP Stars by Managing Intellectual Property in its 2020...

Read More
News

Daily Journal Names Farella Lawyers Among Top IP Lawyers in California

Farella Braun + Martel is proud to announce that partners Jeffrey M. Fisher and James L. Day were named to the 2020 list of “Top Intellectual Property Lawyers” in California by the Daily Journal...

Read More
Publication

Monetizing University Patent Portfolios During the Economic Downturn

Colleges and universities may be leaving money on the table with under-utilized patent portfolios. The time is right, as the law has shifted in favor of patent owners, both in inter partes review litigation...

Read More
Publication

COVID-19 IP Lessons: Consider the Big Picture

In any crisis, there are always those that look to take advantage of the situation.  The coronavirus pandemic is no different. Here, we have highlighted a few of the most egregious fortune hunters, attempting...

Read More
Publication

Tips for Efficiently Managing New Trade Secret Risks Created by Shelter-In-Place Restrictions and Remote Working

On April 14, 2020, California Governor Gavin Newsom outlined the six “critical indicators” the state will monitor during the next phase of its COVID-19 response as it considers when to modify its statewide shelter-in-place...

Read More
News

Winston Liaw Selected as 2020 Leadership Council on Legal Diversity Pathfinder

Read More
News

Gov't Drops IP Theft Charges Against Ex-Jawbone Workers

Law360 reported that the U.S. Attorney’s Office for the Northern District of California in San Jose moved to dismiss all trade-secret-theft charges against the remaining four defendants in what was originally a six-defendant case...

Read More
News

Farella Braun + Martel Attorneys, Practices Recognized by Chambers USA 2020

SAN FRANCISCO, April 23, 2020: Farella Braun + Martel announces that Chambers USA has recognized 12 lawyers and five practice areas in the legal directory’s 2020 edition. Individual Rankings: Tyler Gerking – Insurance: Policyholders...

Read More
Publication

Tech Companies Should Strongly Consider Monetizing Their Patent Portfolios During the Economic Downturn

The COVID-19 pandemic and widespread shelter-in-place orders have hit every corner of the country’s economy, including tech companies of all sizes. Many tech companies have traditionally maintained large patent portfolios to enhance company value...

Read More