How Do You Draft a Strong Confidentiality Agreement for Employee and Customer Security?

Dear Senior,

Our customers are asking for a confidentiality agreement to be signed by our employees for the work they do on their projects. This is basically for information security and non-disclosure of customer information and data. Our management has agreed on this. Can you share any such Non-Disclosure Agreement or Confidentiality Agreement or suggest a few points which I can add to my draft?

Thanks for your assistance. I look forward to hearing from you.

Regards,
Anuradha

Dear Seniors,

Please help. Our customers are asking for a Confidentiality Agreement to be signed by our employees for the work they do on their projects. This is basically for information security and non-disclosure of customer information and data. Our management has agreed on this. Can you share any such Non-Disclosure Agreement or Confidentiality Agreement or suggest a few points which I can add in my draft?

Thanks for your assistance. I look forward to hearing from you.

Regards,
Anuradha

I have to search for the agreement of non-disclosure ,,,

for time being take these points and edit them a little 8)

.CONFIDENTIALITY OF INFORMATION

a)You will not, during the continuance of this appointment and thereafter, disclose, divulge or communicate to any interested or other persons, whatsoever, any information relating to the company's technical know how, business practices or any other information of a confidential character.

b)The employee shall treat all information obtained by him/her during the course of his/her employment with the Company, either directly from the other employees of the Company, or during the course of his / her work with the Company, as strictly confidential.

c)Such information may include, without limitation, the Company's finances, customers, clients, modes of operation, information relating to research, development, trade secrets, contact names, addresses, phone numbers, etc., but shall not include information known or available to the Employee prior to his / her employment with the Company and/ or readily available to persons of ordinary skills in the assigned areas of technical / business expertise.

You will not disclose by word of mouth or otherwise, particulars or details of business plans /trade secrets /finance /administration/ know how / and or any confidential information of business coming to your knowledge by virtue of your being in the employment of “Company Name” .

Dear Ravishankar,

Thank you very much for the information you provided. :) Here is a sample of a Confidentiality Agreement for everyone to share!

Regards,
Anuradha

Hi Anuradha,

I have uploaded the NDA used by our company earlier on CiteHR. For your reference, you can follow the link below to access a sample NDA copy.
[The link no longer exists - removed]

Thanks & Regards,
Chandrakanth

Just signing an NDA does not get a client or a company anywhere. What happens when your employees discuss company affairs in a cab, canteen, or a junior reports to his boss from the field, or people use the office PC at home and vice versa? A chain is as strong as the weakest link. The first step is to formulate an information security policy, procedures, controls.

Ask your company to buy a manual on ISO 27001 (Information Security Management). Your IT manager should be able to help you provided he is trained on ISO standards beforehand; otherwise, after buying the manual and reading it 2-3 times, let me know.

I am CISA from STQC.

Surya

Dear Surya,

Yes, I too agree with you on this matter. We are in the process of implementing ISMS (Information Security Management System) in our company, so one of the measures required for this is to have employees sign an NDA policy. One clause in the NDA states that employees cannot mention customers' names in their resumes.

Regards,
Anuradha

Dear Anuradha,

There are two aspects that you need to cover:
- NDA between employees (Inter)
- NDA between vendors (Intra)

These cover all aspects like sharing of information, etc. With vendors like Payroll, you need to specify terms for CDs, software licenses, disaster recovery, etc. There are more details that have to be specifically catered for.

Thanks,
Siddharth

Does the NDA have to be in affidavit form, or would a company letterhead suffice? Please guide.