So there I was, on the phone with my CEO at 11 p.m. trying to get away from the noise of a very loud party on a Friday night. Someone in my team accidentally published a drawing in her on-line portfolio. The design was still under an ill-defined but active NDA and the client was getting ready to sue.
I had to borrow the laptop of the party host and spent the rest of the night in the kitchen, making calls, waking people up and getting sober against my will. Disaster recovery doesn’t mix well with cocktails, I can promise you that much.
A non-disclosure agreement (NDA) is pretty common right? Hope it never bites you like it did me. Here’s my checklist and some common NDA pitfalls. No legal stuff, I promise!
NDA checklist for project managers:
- add NDA related efforts to the project charter: secrecy is an ethical and strategical thing, but it’s unlikely to be effortless, don’t fail to describe those efforts as a part of the service and allocate budget for them, you may even be able to charge for it
- put NDA related topics on the agenda in meetings: especially on the kick-off and retrospective meeting agenda
- state clearly that an NDA is active until management explicitly declares otherwise: no other entity or event can lift it
- tell the HR department: confidentiality is a cultural thing, tell counselors and HR about it, they often screen new people and there’s a role in informing new hires for them too
- talk about it with your management: don’t assume they know
- tell team members what they can and can not say or do on online social networks: you don’t want your client to see people of your team checking into the venues of their competition for instance (LBS social networks like Foursquare tend to carry this risk)
- train team members: this doesn’t have to be that elaborate, a one hour group session with examples should suffice. Unless you’re working with lawyers they didn’t get this in college
- tailor project templates: put security and confidentiality related headers in templates, use levels (e.g. sensitive/confidential/secret)
- give new hires, freelancers and consultants that join your team the NDA mindset treatment
- check your IT infrastructure and tools: talk with IT and ensure that the drives the project documents are stored on are safe, keep an eye on the location of the tools your team is using, use off-line storage if you must
- consider keeping people separated: in extreme cases allocating a project room that is off limits for anyone not on the project team
Important NDA related risks and pitfalls:
- assuming that people read the details in the NDA text (even if they did, not everyone’s fluent at lawyer-speak)
- assuming the legal department will take care of everything (how can they? their job is focussed on getting the word right)
- having people around the team with conflicting contracts (check especially independent contractors) Using the checklist, off course you told HR so they screened new people properly for this
- getting contractors on the team that didn’t sign an NDA yet
- not having a generic company NDA template handy
The secret ingredient is creating the awareness of confidentiality and that it takes effort, that means taking it into account in estimations and planning as well. A PM is ideally positioned to create this awareness, and because of that you carry a responsibility whether you want it or not.
If you read this far you should follow me on twitter.