Your business – and your employees – have access to sensitive information. Whether it’s personal, financial, or otherwise, your clients trust you with their information. Once entrusted to you, these assets are yours to use – and to protect. Depending on what information is in your care, data theft such as a stolen customer list could harm your customers and your company. Read this article for risk management practices pertaining to the protection of your business’ customer list – and what to do if it is misused or stolen.
Customer List Confidentiality
In today’s digital age, the biggest threat of a data breach comes not from outsiders, but from inside the company. As an employer, you may need to share customer lists with your employees in order to conduct business. Depending on the type of information you collect, these lists could contain highly confidential information.
Confidential information refers to information that a business does not wish to make public. This may include anything from customer contact information to the prices that clients pay for your products or services. The more sensitive the data is, the more damaging a stolen customer list can be.
Stolen Customer List: What to Do
A stolen customer list could harm your clients, damage your reputation, or expose your company to potential liability. What should you do if an employee breaches trust and uses your information in a way that could harm your company?
Protect the Information
Whether or not the employee currently works for your company, your first step should be to try to get them to return the stolen customer list. Send the employee a formal letter instructing them to return the information, confirm that they have not shared it, and permanently remove it from their possession.
If the employee is still working for you when the data theft occurs, you may be entitled to end their employment as a form of remedy and further risk management. Review the terms of their employment agreement. If they unlawfully disclosed confidential information or engaged in serious misconduct, you likely have reason to terminate their employment.
Pursue Legal Action against the Employee
If the stolen customer list contains highly confidential information, or your business has suffered as a result of the theft, you should consider legal action against the employee. A court has the power to:
- grant an injunction ordering the individual to do (or refrain from doing) an action;
- order the employee to pay damages for the breach of contract or for intellectual property infringement;
- order the employee to compensate the company for any legal costs.
If you wish to pursue legal action against a current or former employee that committed a data breach, the business litigation attorneys at Cipparone & Cipparone will be able to educate you on your best course of action.
Risk Management: Data Theft Prevention
Businesses are built and operated on trust. When you start a business, you trust that the idea, product, or service will succeed. When you land a new client, you trust that your relationship will prove to be mutually beneficial. When you hire an employee, you trust that they are able to get the job done and that they will accurately represent your business with integrity.
The first step in facilitating trust is in clearly defining expectations.
When someone understands how they should act as defined by law, culture, or company, they are then faced with the choice to act in accordance with what is right – or, what is not.
Define Company Policies
Strike up a stringent set of company policies that outline what employee data misuse is. Make sure all of your employees understand what these policies are – and how they should work to protect sensitive information and trade secrets.
Define Employee-Employer Privileges
When hiring a new employee, have the person sign a non-compete and a non-disclosure agreement (NDA) that protects company information. If the employee chooses to break their agreement by divulging trade secrets or stealing customer lists, the employee may be terminated and/or held liable for damages.
Educate Your Employees
Another risk management best practice is to regularly train employees on company policies regarding data use, business ethics and cybersecurity. In providing continued education to your employees, you are further aligning them to your vision and empowering them to act with confidence and maintain trust.
Employee Risk Management Tips
- Have your employees sign a non-compete agreement.
- Have your employees sign a non-disclosure agreement (NDA).
- Educate employees on company privacy policies.
- Provide continued training on cybersecurity practices.
Final Word: Handling a Stolen Customer List
The threat posed by ignorant or malicious employees misusing or misappropriating company data is ever-present. Employers must be proactive in their risk management strategies in order to protect their information and their business.
However, if your business falls victim to employee data theft, there are remedies you may wish to pursue, including:
- If the information is recovered, employee discipline or termination may be justified.
- If there was significant damage to the company as a result of the stolen customer list, legal action against the current or former employee may be justified.
A stolen client list can damage your business and your reputation. If you need legal guidance on how to handle a stolen client list, employee breach of contract, or any other type of business litigation, contact our business litigation attorneys at Cipparone & Cipparone, P.A.
**This blog is for general informational purposes only. Cipparone & Cipparone, P.A. does not distribute legal advice through this blog. As such, this blog does not constitute legal or other professional advice, and no attorney-client relationship is created between the reader and Cipparone & Cipparone, P.A.Tags: business litigation