There are real and hidden perils in the use of NDAs. Using a DIY approach, you may not get the protection you think you are getting. The problem is that you won’t find out until it is too late to do anything about it.
Don’t fall into the trap of thinking NDAs are just standard documents that can be downloaded off the internet for use. These certainly work if you never need to use them. They work if everyone does what they are supposed to and it is a problem free transaction. But if that was always the case, would you need the NDA in the first place? Probably not. You get the NDA because you need to protect your valuable information and you want the ability to seek court assistance to enforce your rights if the other party wrongfully leaks or uses your valuable information.
Three things you need to know about NDAs: Not all NDAs are equal. Not all NDAs are good in all situations. The precise language needed in NDAs differs across the states.
While many NDAs may look similar, there really isn’t a “one size fits all” document. The truth is that NDAs can be unenforceable if they are too broad and they can fail to protect all of your valuable information if they are too narrow or fail to include certain clauses. For example, clauses are needed if the protected data and information includes personally identifying information of customers or employees. In such cases, clauses are needed to address related legal issues such as data security, privacy, HIPPA, data breach notification, insurance or treatment of data at the end of the NDA term. (Will it be returned? Destroyed?)
NDAs must also be limited in scope to that which is reasonably necessary to protect the business’ interests and sensitive information. Overly broad NDAs that contain long lists of data and information to be protected can backfire because NDAs that attempt to protect information which is not qualified as a trade secret can be deemed unenforceable. There are also many clauses contained in “standard form” NDAs that may not be enforceable, including injunctive relief clauses and non-compete clauses. Not all states or courts will enforce these provisions even if contained in an NDA. You could be left with a false sense of security and less protection that you counted on when providing your data to the other party.
Professional guidance can also help increase the protection of the NDA by helping you to use the NDA properly for maximum legal protection of your proprietary assets. NDAs alone will not operate to protect your business proprietary information. In order for judicial enforcement of a trade secret claim, the injured business must show that it took commercially reasonable steps to protect its information in light of the value of the information being protected and applicable business standards and practices. While NDAs are certainly an important part a trade secret protection program, the business must also adopt other practices aimed at protecting its proprietary information. This includes limiting access to the information to those on a need to know basis, labelling confidential documents as such, and implementing policies and training procedures for identifying and protecting sensitive information.
If your business information is worth protecting, using an attorney to review and prepare a custom agreement for the unique situation at hand can be money well spent. If it not worth a few hundred dollars to protect, then maybe you don’t need to protect it at all.