Protecting Trade Secrets: What Small Business Owners Need to Know
Feb. 5, 2020
Entrepreneurs and small businesses have copyrights, trademarks, patents, and trade secrets. Trade secret protection is the way small business owners can safeguard their confidential information or valuable technical knowledge from becoming public. From cyberattacks to former employees who disclose information to a competitor, small business owners have intangible assets that need a security strategy of protection. But, what exactly constitutes a trade secret?
What Small Business Information Falls under Trade Secrets?
Do you have proprietary computer algorithms under development that has yet to be released? How about tested marketing plans that leave competitors in the dust? Or perhaps, a confidential client list with associated cost and price details? Maybe it’s a manufacturing process that differs from other techniques in the industry? All of this information could benefit from trade secret protections. No small business owner wants to see their employee, who is hired by a competitor, to take their customer list and pricing information along with them. Unlike patents, trademarks, and copyrights that require registration, trade secrets can be done by any small business owner. There is no period of statutory limitations; however, once the information is made public trade secret protections cease.
The Steps Small Businesses Need to Take for Trade Secret Protection
No court will protect a secret that you did not preventatively try to protect. To mitigate risk and provide the greatest possible protection, here are steps to safeguard intangible, yet invaluable assets:
Understand the Texas Uniform Trade Secrets Act (TUTSA). In the state of Texas, the disclosure or use of a trade secret acquired through a broken confidentially agreement between employer and employee, through fraud, theft, hacking or bribery constitutes misappropriation. Trade secrets can include patterns, computer programs, apps, formulas (like the recipe to Dr, Pepper), methods, processes, and devices.
Identify trade secrets and be selective about which positions should have access to those trade secrets. Preferably, access should be given to only those employees who need the data or information to perform their jobs.
Keep trade secrets physically away from other data or information and labeled as ‘Confidential’ or ‘Secret.’ Employees should also be instructed to never discuss either the trade secret or its location outside secured areas.
Have employees sign a non-disclosure agreement, non-compete or non-solicitation agreement. A non-disclosure agreement prevents employees from disclosing sensitive information while they are employed by a company and a non-compete keeps employees from setting up a similar business within a specific distance and time period after their separation from a company. Non-solicitation is an employment agreement that prevents an employee from using client and contact information for their own personal gain after leaving a company. Consider having third-parties such as contractors or vendors sign agreements, too. Ensure that the agreement mentions that the employee has been given access to trade secrets and that they are required to report any unauthorized disclosure or use of the information.
Require anyone with access to your networks to sign an agreement indicating they will not access the information they do not have a business purpose to access and also use technology to ensure classes of employees only access the data they need.
Perform exit interviews consistently. This is an opportunity to remind departing employees of their obligations to the non-disclosure agreement they signed. It is also the right time to collect security badges, documents, keys and other items that deal with the trade secret information or its location. Be sure to remove the departing employee’s security codes to locks to safes or physical property. Obtain, change, or remove user identification logins and passwords from any proprietary computer systems the employee might have used. Have any company devices, laptops, notepads, and phones examined to identify any mishandling of trade secrets or confidential information.
Implement network and application security. It’s more than just using strong passwords to stop unauthorized personnel from accessing confidential information. These days many small businesses use cloud networks, like Google Docs, and Dropbox and need to appoint restrictive security measures. These systems grant businesses’ administrative rights to not only restrict which employees have access to the system but also restrict which information they are allowed to access, copy, share, email or print. Many innovative systems, including CRM, ERP and sales databases, can track and log employees’ use of the sensitive information while working and even set alerts if mishandling occurs if sent or shared outside the organization.
Write and enforce a Trade Secret Policy statement. Key elements of a trade secret policy should include a statement that describes the information a small business wants to protect as a trade secret, that the disclosure of the information is strictly prohibited, and that employees can expect disciplinary action should the information be disclosed. It should also state that an NDA is required of every employee that handles this type of information.
Train employees on what it means to abide by a Trade Secret Policy. Training allows small business owners to review specific situations where trade secret policies can be inadvertently broken by employees even in their daily work routines. At the very least, train employees not to publicly share information about trade secrets in conversations with competitors, on social media or in emails. It’s also a good time to remind employees not to access trade secret information on public WIFIs or computers.
Overall, administering any of the above steps can reduce the risk for small businesses and make it challenging for any employee to find success in stealing trade secrets. If the worse should happen, small business owners can now prove beyond doubt that the information, defined as a ‘trade secret,’ was misappropriated under TUTSA.
Give us a call to help preventatively protect the trade secrets that make your organization valuable.