5 Ways to Secure Your Intellectual Property During Corporate Transitions
When it comes to departures or transactions, employment agreements and data security can only get you so far without a proactive plan.Major corporate transitions…
August 28, 2017 at 10:29 PM
6 minute read
The original version of this story was published on Law.com
When it comes to departures or transactions, employment agreements and data security can only get you so far without a proactive plan.
Major corporate transitions are never easy. Whether it's an employee departure (key executive, large workforce reduction or others) or a corporate transaction (merger, acquisition, divesture), there are lots of risk factors to a company every time a major transition takes place.
During such transitions, one such risk factor that oftentimes goes undetected is the vulnerability of your organization's valuable IP. Employment agreements and data security can only get you so far without a comprehensive proactive plan. In fact, according to a survey by The Ponemon Institute and Symantec, nearly 60 percent of people who had recently left or lost their jobs admitted to taking confidential company information on their way out the door.
The most common example of this information vulnerability is the theft of trade secrets—such as personal contact information, customer lists, pricing information and business procedures—but in the case of these corporate transitions, it could also include other types of IP, such as the misappropriation of copyrights, trademarks and patents. The loss of sales, the expense of legal fees and the time of tracking down and recovering stolen IP are only some of the examples this loss of IP can harm a company.
Here are five ways to secure and protect your company's IP during a corporate transition:
|
1. Know your data.
Start by having a data map in place, as well as a clear data preservation plan. This will allow you to have an overall understanding of the different types of data your team members utilize and where that data resides. With this picture in front of you, identify key risk points. These could be data that is readily accessible and the data most meaningful to you as a company.
Another key need is to know how your employees use their data. For example, do your employees use personal email for work (even if you tell them not to) or do they utilize text messages for work purposes?
|2. Centralize and audit data collected for litigation or investigation purposes.
Understandably, there is significant concern among corporate executives over the practice of sending data to a variety of locations in the middle of a litigation dispute. It's best to limit these data stores and to make sure they are vetted for security purposes. The same vetting used for other IT related initiatives and vendors should be used for these third-party resources. You do not want a situation where you send the very data you are trying to protect only to have it breached at one of these vendors.
Also, make sure that the appropriate team gets regular reporting on where the data is stored, how it is stored, if it really needs to be there and specifically how the data will be removed once it's off legal hold. At the conclusion of the transitional event, be ready to verify that the data has been removed in a manner consistent with the corporate retention policies.
|3. Identify key IP in transactions.
Corporate transactions are often exciting events that can reshape a company's future, however, given the fast pace and often large number of employees and amount of data at issue, it can be difficult to manage appropriately and efficiently. For example, companies can search through large sets of data to identify particularly key documents that could prove devastating to your company down the road.
If your organization doesn't have adequate internal data security capabilities, reach out to an outside service provider that can go behind the network, identify your valuable IP and make sure it is not lost during a divestiture or M&A activity. In fact, it's particularly crucial in divestitures to make sure IP unrelated to the divestiture is not accidentally transferred to the new entity.
|4. Know your roles and responsibilities.
It's important to have clarity about the people within your organization who are best qualified to manage key aspects of data security during these transitions. For example, who in your IT or legal department will handle coordination of any data production requests during a transition event? Who on your IT or legal team or from an outside service provider will handle the collection of any high-value data? For example, if your organization is a Silicon Valley company that doesn't want to stifle innovation by limiting access to certain tools, then line up a consistent outside resource that has familiarity with similar companies. Finally, assign an individual who will be responsible for managing any necessary “holds” and establish a protocol for tracking all holds.
|5. Protect against data loss in employee transition.
The first job of the individual/team tasked with being in charge of protecting data loss is to identify key employees who have access to sensitive company data and/or potentially relevant data. For the specific event of an employee transition into a new position or departure to a different company, preserve copies of your employees' machines.
Also, identify any proactive measures you want to take during departures and transitions so that sensitive company data—including any data that may be relevant to a hold—is not deleted or transferred. There are also tools available in the market place that allow for the monitoring of activities for high risk individuals or data sets.
|Conclusion
Corporations are sometimes unprepared for the danger that a major corporate transition can pose to your intellectual property. Employee departures, workforce reductions and corporate transactions are common examples of events that can make for a perfect storm of IP security threats. It's important to be proactive in implementing some best practices in order to protect your IP before it walks out the door.
The opinions expressed in this article do not necessarily reflect the views of O'Melveny or its clients, and should not be relied upon as legal advice.
John Del Piero is vice president of global e-discovery solutions for Discovia, a Lighthouse company. John focuses on developing integrated partnerships with law firms and corporations to manage fast-moving, complex litigation and investigations with varying privacy and regulatory restrictions. Jennifer G. Swanton serves as discovery counsel for Medtronic PLC and is based in Charleston, S.C. In this role, Swanton is responsible for overseeing the preservation, collection, processing and review of data needed in response to a variety of matters, as well as developing and implementing longterm discovery strategy. She also serves as the legal adviser for the records management, information governance, privacy and cyber security teams. Cardine directs O'Melveny & Myers practice support and e-discovery technology department. The group consults with the firm's legal teams and clients globally on the strategic application of technology to legal challenges. Anthony provides consultative services to clients in the areas of litigation readiness, electronic discovery and legal technology solutions.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrump Likely to Keep Up Antitrust Enforcement, but Dial Back the Antagonism
5 minute readA Blueprint for Targeted Enhancements to Corporate Compliance Programs
7 minute readTrending Stories
- 1Infant Formula Judge Sanctions Kirkland's Jim Hurst: 'Overtly Crossed the Lines'
- 2Trump's Return to the White House: The Legal Industry Reacts
- 3Election 2024: Nationwide Judicial Races and Ballot Measures to Watch
- 4Climate Disputes, International Arbitration, and State Court Limitations for Global Issues
- 5Judicial Face-Off: Navigating the Ethical and Efficient Use of AI in Legal Practice [CLE Pending]
- 6How Much Does the Frequency of Retirement Withdrawals Matter?
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250