If you have signed a confidentiality agreement with another party, there are many ways you can ensure you protect the confidential information you give to the other party (or that you are given access to by the other party) and comply with your obligations under the confidentiality agreement.
• Identity: Everyone in your business needs to know who is authorised to receive confidential information and who is not. Don’t assume that just because someone is copied in on an email that you can share the confidential information with them.
• Labels: Mark any documents containing confidential information as “confidential”. Do the same for emails with confidential attachments.
• Record keeping: Keep a list of the confidential information that has been given to the other party. You’ll then have a record of the information and documents the other party must return or destroy.
• Guidance: Make sure everyone in your business is clear on the methods you will be using to keep the information confidential and keep them updated with any changes in policies and procedures.
• Passwords and encryption: Minimise the possibility of accidental disclosure by password-protecting documents or using software to encrypt them. Using these methods can take some time and effort to put into place.
• Electronic copies: Save copies in a secure network and ensure access is restricted. Continue to audit your security measures and update them as needed to safeguard electronic copies.
• Hard copies: Go old school. If something is particularly confidential and/or sensitive, consider providing it in hard copy form, to a small number of recipients and/or during a meeting. Number any copies to ensure all are returned at the end of the meeting. Store hard copies in a locked cabinet.
• Data rooms: New-ish school and more suited to a funding round with multiple potential investors rather than a one-off exchange of information. An electronic data room offers many ways to protect confidential information including password access, creating custom access rights for different users (e.g. locking down some areas of a data room until a particular milestone is reached), restricting what a user can do with the documents (e.g. view only, print with watermarks).