How to prevent (ex) employee disclosure or misuse of confidential information

How to prevent (ex) employee disclosure or misuse of confidential information

SpringLaw

Time to read 3 minutes read
Calendar February 8, 2023

The year is fresh, the snow is fresher, and as is often the case once the holiday glow wears off and the realities of terminations that lie ahead kick in, employers might start feeling a bit of a chill set in. When an employer-employee breakup occurs, things like separation packages, uncomfortable conversations about terminations, and the return of company equipment, will typically cross the employer’s mind as potential pain points. What employers may sometimes underestimate is how painful it can be to have a now ex-employee also collect, use, or disclose the organization’s confidential information to the detriment of the organization. 

Confidential information – Who needs to keep it a secret?

Be it confidential client records, marketing strategies, unpublished patent applications, or source code, employees in Canada have a common law duty to maintain the confidentiality of confidential information. It doesn’t matter whether your employment contracts contain express prohibitions on the disclosure of confidential information. Employees still owe their employers (and yes, previous employers too) a duty of good faith and fidelity which requires them not to reveal their employer’s confidential information. 

What can I do if my employee discloses or misuses confidential information?

You may be able to make a claim against your current or former employees on the basis of such causes of actions as a breach of confidence, breach of contract, breach of fiduciary duty, or unjust enrichment. The remedies you might be entitled to range from monetary damages to injunctions. The bad news is that unless you can prove, with evidence, that you’ve sustained business losses as a direct result of your (ex) employee misusing or disclosing confidential information, the legal fees and time associated with obtaining such remedies may outweigh the value of the remedies awarded in employment cases. That’s why it’s much better to prevent the disclosure or misuse of confidential information before it happens.

Employer takeaways

If you’re considering terminating an employee, you might want to have a conversation with your IT department about shutting down the employee’s access to shared drives and digital platforms, including emails and Slack, during or right after the termination meeting. During this meeting, you should also think about asking the employee to provide all usernames and passwords, instead of hoping they’ll send you this information down the line. 

Better yet, centralize all usernames and passwords in a password management system even if you aren’t thinking of terminating anyone soon. Make sure that your organization has access to every trade secret, and every piece of customer or supplier information your existing employees also have access to. Implement a policy making it clear that employees are prohibited from saving confidential company information on their personal devices. Set out in your employment contracts who retains exclusive ownership of the work product. Significant harm can be avoided when sufficient precautionary measures are taken as early in the employment relationship as possible. 

By Emily Siu

Table of Contents

Compliance Made Easy®

Canada’s most trusted compliance software for quick and easy HR, payroll, and internal controls compliance and policy management.
Book a Demo

Related Posts

Imagen 1

The new age of workplace gossip – TMI!

I’ve discussed workplace gossip here before, and what bosses can do to prevent it or at least reduce the potential harm, but there are a couple of hyper-modern developments that I didn’t get into: reality television and the Internet. These two things have created a culture of “sharing”, for lack of a better word, that encourages people at play or work to divulge the most mundane and private details of their lives to others—the kind of information that one previously might only have shared with family or best friends.

Adam Gorley

Read more
Imagen 1

Privacy risk management – by design

I’ve discussed the Privacy by Design principle before, in the Inside Internal Control newsletter. In case you don’t know, PbD is an approach developed by Dr. Ann Cavoukian, the Privacy Commissioner of Ontario, which proactively embeds privacy protection by default in the design of an organization’s practices and products.

Colin Braithwaite

Read more
Imagen 1

Employers discussing employee medical condition with other employees

In general, an employer, manager, supervisor or HR professional discussing an employee’s medical condition with other employees is just plain inappropriate…

Marie-Yosie Saint-Cyr, LL.B. Managing Editor

Read more