There are a lot of ways to accidentally expose sensitive information to your company’s visitors.
Trust us: We’ve heard plenty of cringe-worthy stories on the topic from our customers. (There’s nothing like a confused, unescorted visitor stumbling into a confidential meeting to get you scrambling for a better visitor management solution.)
Businesses are starting to understand that security improves a lot when there’s a simple, reliable way for visitors to check in and connect with the people they came to see.
But some companies are taking it a step further by having their visitors sign non-disclosure agreements as they check in too. That way, even if the visitor does hear or see something confidential, the company has some legal recourse.
Visitor management programs like The Receptionist for iPad have put legal documents such as NDAs at the fingertips of the front desk staff, so it’s easier than ever to collect signatures and securely store them.
But should you do it at your company? In some industries, visitor NDAs are absolutely necessary. In other cases, what may have seemed like a harmless extra precaution could cause some blowback.
Here’s what you need to know to decide whether your visitors should be signing NDAs.
An Intro to NDAs
The general purpose of a non-disclosure agreement is to protect your company’s “trade secrets”—the legal term for confidential information that’s valuable to your business.
NDAs may also simply formalize your relationship with another party as a confidential one.
In layman’s terms, NDAs state that a company can take legal action against anyone who shares private information that they agreed not to—whether they’re using it for their own gain, giving it to others, or even being careless enough with the information that it falls into the wrong hands. They also may specify the terms of the potential legal action, such as where it will take place and who will pay for legal fees.
NDAs, sometimes called “confidentiality agreements,” typically contain the following elements, according to FindLaw:
- A definition of the information to be kept confidential. This can be somewhat tricky without describing the information itself, but a general description like “programming” or “product designs” usually does the trick.
- A possible list of things that are NOT considered confidential. The law often already clarifies that certain things cannot be kept confidential, and these and any other areas are typically noted.
- A description of the signee’s duties and obligations. This may list specifically what’s expected when it comes to keeping these secrets.
The NDA may also include an end date for the agreement and any extra provisions specific to the situation.
Perhaps the most common use of the NDA is for employees or contractors. Companies hope that NDAs, in conjunction with non-compete agreements, will prevent staff from taking their skills and secrets to competitors.
Other times, inventors or entrepreneurs request NDA signatures from potential investors or advisors to keep their business idea under wraps. It’s also common to request an NDA if you’re sharing your company’s inner workings with potential buyers or other consultants.
Finally, businesses with security concerns may require an NDA of anyone walking into the building. This is especially common at companies that rely on tech secrets and have lots of leverage (Google, for example).
NDAs Are Not Foolproof
NDAs can seem like very powerful tools—as long as they’re worded correctly and approved by an attorney.
But there are plenty of experienced business owners who will tell you that non-disclosure agreements are often difficult to enforce.
For example, NDAs can lose some legal power if:
- The list of what’s supposed to be confidential isn’t clear enough.
- The info that was supposed to be protected becomes public in another way or has become common knowledge (NDAs can’t keep someone from sharing public information).
- The discloser has learned the secret info from another source and not from their NDA-protected interaction with you.
- You can’t prove that someone actually disclosed the info (and proving it can be difficult).
Patent attorney Michael Nuestel, quoted in this Inc. article, summed it up this way: “Non-disclosure agreements are only going to keep an honest person honest. They’re not going to protect you from unscrupulous people.”
We live in a world where you can publish to thousands of people with a click of a button. That means it may only take one small leak from one of those unscrupulous people to render your NDA pretty worthless.
Possible Drawbacks to Having Visitors Sign NDAs
Considering that NDAs can be tricky to enforce, any drawbacks to having visitors sign them become more significant—and there definitely can be drawbacks.
For one, presenting all visitors with a blanket NDA can be bad for branding. If you’re trying to establish a culture that values friendliness, frankness, or fun, a bunch of threatening legalese right at the beginning of a visit is a good way to kill that feeling.
Furthermore, because of the question of NDAs’ effectiveness, some may even see an NDA as a sign of amateurism. Consider this insight from tech entrepreneur Dan Shapiro:
“If someone asks me to sign an NDA, I have to assume they fall into one of three categories.
- They’re a legal terrorist and see great value to getting me to sign it, so they can abuse me later with frivolous lawsuits if they think I leaked something.
- They have leverage, and know that they can probably get me to sign it.
- They’re inexperienced, and don’t realize that absent 1 or 2, it’s probably not worth asking.
#2 is pretty easy to spot, because I’m asking them for money or we’re negotiating a major business agreement. If that’s not the case, then I figure I’m dealing with a terrorist or a novice, and either way I’m going to decline and have second thoughts about working with them.”Visitor NDAs are very necessary sometimes. But in other cases, this extra precaution can have consequences. Click To Tweet
The Benefits of NDAs
Despite those downsides, there are still reasons for certain businesses to add NDA collection to their visitor check-in process. A lawyer is the best person to ask how one can protect you. Make sure to find an attorney well-versed in the laws of your state.
Generally, if you enact NDAs as part of a greater overall strategy to educate staff and visitors about their responsibilities when it comes to security, it builds legal evidence that you are indeed making an effort to keep your secrets safe.
As this legal blog points out:
“In order to protect trade secrets under UTSA or common law, a party must demonstrate that it exercised ‘reasonable efforts’ to maintain secrecy. This typically includes using (and enforcing) NDAs with employees, agents, business partners, and others with access to the information, as well as taking such protective measures as locking up or encrypting sensitive documents, controlling access to computer files, and training employees to protect company secrets.”
You may also consider consulting with your lawyer about whether non-disclosure language could be added to a general visitor access policy.
A visitor policy typically specifies things like appropriate use of WiFi, restrictions on photography or videography, and any other guidelines visitors should observe (the need to wear a badge, for example).
An NDA doesn’t have to be super complex to furnish some protection, so it may be possible to make your privacy expectations clear without adding too many extra pages to the document or intimidating your visitors with tons of legal text.
So, are you ready to get started having your visitors sign an NDA or a visitor policy? Tweet us at @ReceptionistApp and let us know, or check out The Receptionist’s 14-day free trial.