|
To find out how we can make such an impact on your recruitment needs
Contact us on:
Northampton
01604 239555
Kettering
01536 416615
|
|
 |
|
|
|
| Industry News |
 |
Keeping a level playing field – fighting the theft of confidential information
December 2007
Loss of confidential information is an acute business risk for organisations. In a recent US case, a business estimated that the value of information which one of its employees passed to its business rivals had exceeded $400m.
Extreme thought this case may be, confidential information can be one of the most valuable assets any business owns – and because of employee’s often unrestricted access combined with the ease of which eData can be copied and transferred by insiders – one of the most difficult to safeguard.
All businesses recognize that ultimately you beat your business competitors in the marketplace and not in the Courtroom, but you are entitled to expect a level playing field with everyone playing by the same rules.
The recruitment industry, unfortunately reports a particularly high incidence of confidential information theft by insiders – often when moving to rivals or setting up in competition. The reality is that information, like client and candidate details, databases, financial information and business opportunities represents the “crown jewels” for any recruitment business. But while nobody would leave the office account cheque book lying around, the same common sense is not always applied in protection confidential information.
What practical steps can be taken to minimize the risk of confidential information theft by insiders to promote unfair competition and if the worst happens, to minimize the impact of data theft?
You need to control your eData in the day to day course of your business, get you contracts right and taker swift and effective action to enforce your legal rights.
You should manage the risk by reviewing your IT policies and controls:
- Restrict access to key sensitive data
- Implement retention and archiving policies
- Implement and enforce e-mail policies to include the detection of e-mails which do not seem work related or fit with the status/role of the relevant employee.
- Have procedures in place to deal with the departure of key insiders
- Review contractual safeguards and procedures, for example by ensuring that
contracts of employment contain:
- Enforceable restrictive covenants preventing post termination
Competition and the enticing away of clients and staff
- Clauses dealing with confidentiality (and the misuse of confidential
information) and employee fidelity
- Clauses dealing with the ownership of intellectual property created in the course of employment
- Dealing with the return of company property(such as laptops, mobile phones, blackberries etc)
Be aware of all the business’ legal rights – if the employee is also a company director, he or she will have a whole raft of onerous statutory duties as an officer of the company in addition to duties owed as an employee. These include duties not to compete, put himself or herself in a position of potential of actual conflict with the company’s interests, divert actual or potential business opportunities and misappropriate assets including confidential information.
The consequences for breach can be very serious indeed for a former director – including personal liability and the potential that his or her new business may be forced to pay compensation or even to disgorge the profits of illicit competition.
If you need to take legal action to protect your business, the key is aped. The Court can grant injunctions stopping illegal activity and this is often the key remedy when confidential information has been misappropriated and ex-employees are committing a breach of their contractual or statutory duties. But injunctions are serious stuff – the Court requires clear evidence of wrongdoing and delay can be fatal – both commercially in the marketplace and in the Courtroom.
So you must therefore act swiftly to identify the risk and to initiate legal action. Knowledge is power. A business which fears it has lost confidential information and faces illicit competition should:
- Initiate appropriate crisis management IT procedures to ensure that eData can be accessed and is not lost or destroyed this involves identifying the key data custodians and the hardware upon which key data may be stored – not just desk and lap tops. Secure all hardware and media on which eData can be stored such as mobile phones, blackberries etc.
- Engage the right professional advisers and experts who can quickly identify, retrieve and filter the data and who can work quickly and efficiently in association with your legal advisers to produce a “joined up” response and to build the legal case.
You must get into Court quickly to enforce your legal remedies, which will minimize adverse publicity and the impact on competitive advantage, business reputation and senior management time, with minimum disruption to the day-to-day business.
The bottom line is that prevention and cure cannot be viewed in isolation – you need joined up thinking to beat the cheats.
KPMG, DWF and REC are hosting a joint seminar to discuss the ways in which businesses can reduce the risk of data breach and stolen confidential information being released to their competitors.
The seminar will feature case study examples and lessons learned. Experts from KPMG and DWF will cover practical aspects of IT security and prevention of data breach/ / forensic techniques involved in investigating and identifying evidence of data breach, managing legal risk by effective contract drafting and enforcing legal rights, including obtaining emergency injunctions.
Source: REC Legal Bulletin December/January 2008
« back
|
|
|
