When Employees Leave: Make Sure Trade Secrets Are Protected


This is the second in a three-part series of articles on what to do when employees leave the business. This article explores how employers can protect trade secrets and other confidential information. Read the first part on conducting exit interviews and the third part on transferring social media accounts.


echnology has made it easier for departing employees to take confidential business information to a competitor—perhaps they moved customer contact information to their smartphone, e-mailed marketing plans to their personal address or transferred documents to a flash drive. Here's what employers can do to safeguard their information.

Businesses have the greatest chance of protecting their confidential information by making sure that they regularly execute a standard set of practices upon employee departure, said Danielle Ochs, an attorney with Ogletree Deakins in San Francisco. She suggested that employers:

  • Monitor e-mail traffic and computer access for unusual activity.
  • Conduct exit interviews and inventory checks.
  • Obtain a return-of-property certificate.
  • Issue reminders of confidentiality obligations.
  • Terminate access to computer assets and accounts as soon as the employee departs.  

During the exit interview, employers should find out why workers are leaving and where they are going, said Robert Yonowitz, an attorney with Fisher Phillips in Irvine, Calif. If an employee is going to a competitor, the employer may want to preserve the worker's computer before it is issued to someone else to ensure confidential information wasn't taken. "Get a snapshot of their account," he said.

"Hard drives are cheap," he added. So, particularly for higher-level employees who had access to key information, employers may be better off just storing their hard drive and replacing it with another one—then the information is preserved.

Yonowitz noted that technology can help employers track where information is going. Employers can log keystrokes and attempts to access restricted databases or make copies of confidential documents. "This gives employers real-time knowledge if people are doing things they shouldn't."

Employers can also use anti-deletion programs and can generate reports of everything a worker attempted to delete in the last 60 days or so. For instance, if an exiting employee e-mailed a customer list to a personal account and attempted to delete the e-mail trail, that information will be in the report, Yonowitz said.

Start from the Beginning

A good way for employers to protect their confidential information is to start with solid onboarding procedures. Employers should have workers sign confidentiality agreements and should track any equipment and access that is provided.

If employees are allowed to telecommute, employers should consider a policy that requires employees to perform all of their work on company devices, Yonowitz said. "It's more difficult to try to parse through their information and yours on a personal device; it's easier just to say everything on the company's devices is company property."

Remind Workers at the End

When employees leave, businesses should revisit the agreements that were signed during employment. "An exit interview provides an employer with a final opportunity to strongly emphasize any continuing obligations the employee may have regarding the confidentiality of trade secrets and employer data when they leave their employment," said Melanie Pate, an attorney with Lewis Roca Rothgerber Christie in Phoenix.

Exit interviews should also consist of a detailed debriefing of the employee's access to and return of all confidential information, Ochs said, including information stored on personal devices and other noncompany digital spaces, such as cloud-based storage, external e-mail, social media and external equipment, such as flash drives.

Additionally, it's important that employers of remote workers maintain an accurate and up-to-date inventory of what has been provided to the employee since hire, she said. Employers should:

  • Provide remote workers with a method of returning equipment and data.
  • Obtain certification that all of the equipment and data have been returned.
  • Require that the equipment be returned by a specific date. 

"Follow-up is key," Ochs said.

The Bigger Picture

Employers should recognize that corporate espionage is a big industry, Yonowitz said. "We hear so much about the theft of trade secrets and sometimes inside employees are used to do it."

[SHRM members-only online discussion platform: SHRM Connect]

Furthermore, when employees are on their way out the door, a new employer may ask them to supply certain information, or employees might want to hit the ground running by using information obtained from a prior employer.

"Maybe employees just aren't clear on what's theirs and what belongs to the company," Yonowitz added. "Make it clear that whatever you do for us is ours, and we own it."



Hire the best HR talent or advance your own career.

Member Benefit: Ask-An-Advisor Service

SHRM's HR Knowledge Advisors offer guidance and resources to assist members with their HR inquiries.

SHRM's HR Knowledge Advisors offer guidance and resources to assist members with their HR inquiries.



HR Daily Newsletter

News, trends and analysis, as well as breaking news alerts, to help HR professionals do their jobs better each business day.