Confidentiality in Practice
Confidentiality agreements are common in practice, but how do you manage them? Cordilia Thomas, Risk Manager from Planned Cover, takes us through the basics and offers tips on managing your confidentiality obligations.
While you are busy working on your project, your client calls you to explain that you and your team are required to sign a Confidentiality Agreement to continue working on their project. What do you do? Let’s start with…
What is a Confidentiality Agreement?
A confidentiality agreement is a legally binding contract where one party shares confidential information (Discloser) to another party (Recipient). In simple terms, it is where one or more parties share information that they deem to be confidential with another, with the expectation that the information is kept confidential and only disclosed for the agreed purpose, as stated in the agreement. They are also known as confidentiality statements, non-disclosure agreements, non-disclosure forms, proprietary information agreements, or secrecy agreements.
Confidentiality agreements can be mutual, where the client and consultant both promise to protect each other’s confidential information, but more often they are one-sided, where only the client’s information is protected.
Some clients may require you to sign a confidentiality agreement early in discussions, so you are bound by the obligation of confidentiality even before they disclose commercially sensitive information regarding a potential project, costs, plans and so on.
A Confidentiality Agreement should contain:
- Party names
- Definition of ‘Confidential Information’
- Purpose of the Agreement
What is confidential information?
Confidential information can take the form of documents, telephone conversations, financial data or drawings and the like. Essentially it is when information is shared with you (in any form), on the understanding that you will not share it with anyone else. Whether the information is confidential or not is usually decided on a case-by-case basis, and there is no legislated list as to what is or is not confidential information. Consultants often receive information from their clients that is likely to be confidential, such as trade secrets, operational methods, business strategies, cost estimates and so on. Even your own information as consultants may be confidential – for example, your fees.
Our workplaces today have changed drastically from the traditional office environment. It is therefore even more important to manage and monitor the use of confidential information amongst team members efficiently, especially with staff working from home. The element of confidentiality also becomes crucial when using public domains and non-secure internet connections. It is also important to remember that chat histories from internal workplace chats can form part of evidence in a court proceeding.
Apart from Confidentiality Agreements, some consultancy agreements may also contain confidentiality clauses as mentioned above. An example clause contained in a consultancy contract is as follows:
The Consultant must keep confidential, details of this Contract, the Services and all information provided to, or by, the Consultant relating to the Services or the Contract and not provide, disclose or use such Confidential Information or documents.
When accepting a confidentiality obligation in a contract, be aware that some clauses are drafted so narrowly that they could prevent you from sharing vital information with other parties on the project. Check the ‘Definitions’ section of your contract to see how ‘Confidential Information’ has been defined. Narrowly drafted confidentiality clauses may sometimes prevent you from sharing information with contractors, sub-consultants, other consultants or even employees. Accepting such obligations can impede the performance of your services.
How can you protect your own confidential information?
There are times when you might want to protect the materials and information that you provide as well. In that case, seek the advice of your solicitor to draft a clause in your contract or confidentiality agreement to protect the information you have provided to the client or other parties.
Breach of confidential information
An actual breach occurs when the recipient of the confidential information fails to comply with the contractual obligations and discloses or misuses the confidential information. We can look at the case of Coco v AN Clark (Engineers)  RPC 41 where Megarry J outlined three provisions that are required to enforce a breach of confidence at common law (although these baseline common law criteria can be altered by the provisions of a contract)::
- The information must be confidential
- The information must have been communicated assuming an obligation of confidence
- There should have been unauthorised actual or threatened misuse of the confidential information.
Client contracts also sometimes contain a clause requiring you to return or destroy confidential information. Breaching confidentiality can render you liable to pay compensation for resulting loss or require that you surrender any profits you made from the breach.
How can you manage your confidentiality obligations?
Some tips to help you manage confidential information:
- Have a well-established document management and archiving procedure;
- Keep records of signed confidentiality agreements from your employees or sub-consultants;
- Make sure that any confidentiality obligations you have with your client is mirrored in your sub-consultancy agreements;
- When destroying old files, consider whether the confidential information you hold in paper form requires shredding or other secure destruction;
- Be aware of confidentiality obligations that extend beyond the construction or termination period of your project;
- Before disclosing information that may be confidential, seek legal advice, or seek specific permission from the party to whom the information applies.
Cordilia Thomas is a Risk Manager with Planned Cover.
This article is only general advice in respect of risk management. It is not tailored to your individual needs or those of your business, nor is it intended to be relied upon as legal or insurance advice. For such assistance you should approach your legal and/or insurance advisors.
informed by Planned Cover also offers a Practice Guide on Confidentiality for Planned Cover clients for further guidance on this topic.