Businesses today have more types of informational assets than they may initially realize. These assets include company data, intellectual property, confidential information, and personally identifiable information. While these categories are related, and in many cases overlap (for example, client lists, know-how, etc.), businesses should consider important distinctions between such assets that require different handling and protections. These issues are particularly relevant in relationships between your business and a third party, for example:
- Employee and independent contractor agreements that address access and use of such assets
- Contracts with vendors (such as creative, technology, and manufacturing providers)
- Business arrangements such as joint venture, investor, and profit-sharing agreements
- Policies and agreements addressing privacy and data security
To ensure your assets are properly protected, your business needs written documents that clearly address ownership of each type of asset, and the rights and obligations of each party. Our goal is to help your business obtain the desired outcome in any given relationship, and we can help you carefully consider how to treat certain types of information/assets and recognize aspects that may require they are handled differently.
Company Data
During the course of business, you may share certain company data with vendors, business partners, etc., that does not necessarily fall under the definition of PII, Confidential Information, or Intellectual Property. However, it is important that businesses still protect such data, and we can assist by ensuring that language addressing your business’s ownership of company data, the retention and return/deletion of such data, etc., is included in all relevant contracts. If your company follows a data management policy that mentions security and retention of data, that policy may be something you ask third parties you contract with/that you will be sharing data with to follow as well. Including an overarching term for your company’s data/assets can help ensure that any information not otherwise defined does not slip through the cracks.
Intellectual Property
Intellectual Property generally refers to a company’s patents, trademarks, copyrights, and trade secrets. Intellectual Property is a huge value to a business and should be treated by companies as a distinct asset whereby ownership, liability, and indemnity of the same is carefully considered when entering into agreements with third parties. Businesses may wish to clearly address Intellectual Property in any internal data management and security policies as well.
Confidential Information
The term “Confidential Information” broadly refers to a business’s proprietary information and is commonly defined in agreements. However, many contractual provisions covering parties’ treatment of Confidential Information are bilateral, meaning that the same obligations are placed on both parties to the agreement. Thus, companies should be aware of the responsibilities they are agreeing to take on regarding their treatment of the other party’s Confidential Information. An attorney can also assist you with drafting contractual language that addresses unintended disclosures of Confidential Information.
Personally Identifiable Information (PII)
Several U.S. states have enacted data privacy laws that place requirements on covered businesses regarding their treatment of consumers’ PII. Further, all U.S. states have passed some type of legislation that addresses data breaches involving PII. Because PII is becoming more and more regulated, businesses should ensure that their internal data management/security programs, as well as their contracts with third parties, clearly define PII and set out requirements regarding the treatment of this type of information. Best practices also require that businesses protect consumers’ PII via reasonable security measures considering the nature of the information.
The different types of data and assets mentioned above all provide unique value, but also present discrete threats to your company if not treated distinctly and properly. We recommend having an attorney draft or review your business’s contracts with third parties to ensure that your assets are properly considered and protected, and that you have minimized legal risks as much as reasonably possible.
– Rina Van Orden, Esq. and Courtney Reigel, Esq.
(This is not intended as legal advice. Contact a lawyer for assistance in your particular situation.)