What is a Personal Assistant Confidentiality Agreement?
For any professional, the protection of sensitive information is paramount. This holds especially true for personal assistants, who often have access to private details regarding a principal’s life and affairs. This document provides assurances that the information gained by an assistant will not be disclosed, used or misused by the receiving entity outside of the confines of the assistant’s work for the principal. It is meant to provide protections for both the principal and the assistant. If the principal provides the Personal Assistant with confidential information and the assistant discloses this information to unauthorized third parties, the assistant could find himself or herself in a world of legal hurt, especially if the assistant cannot recover from the third party.
The personal assistant confidentiality agreement is a contract between a personal assistant and a principal that lays out the private information that will be revealed to the assistant, as well as the type of protections that the assistant must provide in order to keep the information private . The agreement will not authorize the assistant to divulge this information to third parties and will provide consequences for disclosure of this information. By signing a personal assistant confidentiality agreement, the personal assistant will be agreeing not to take advantage of this information for personal gain and to protect the information from unauthorized access. If the personal assistant negligently allows a third party to learn this information, the agreement can provide sanctions and protect the principal from any such damage.
Moreover, the personal assistant confidentiality agreement will also protect the personal assistant. In the unfortunate event of a disclosure of the protected information, this employment contract can protect the assistant from personal liability, by providing for indemnification and, if necessary, representation by the principal’s attorney at the personal assistant’s request.
Elements of a Confidentiality Agreement
An effective personal assistant confidentiality agreement should cover four key components: scope of confidentiality, duration, definition and governing law. Understanding each of these elements enables an employer to create a solid agreement that checks all the boxes. The scope of confidentiality covers the employer’s requirements for nondisclosure. Confidentiality extends to the employer’s business information and operations, client affairs, prospective clients, and all information that could be damaging to the other party if released. Determining the scope of confidentiality begins with considering the confidentiality and protection needs of the employer. Duration refers to how long the confidential material must be kept secret. Some agreements will state that the term is indefinite, like a non-compete. Other agreements will be for a specified duration. Ordinarily, however, a well-drafted agreement will have a Delaware choice of law for a duration of six months. The definition of confidential information can either be a broad one or narrow. If you are trying to keep the agreement as minimal as possible, a narrow definition may work. However, most approaches to drafting a confidentiality agreement default to a broad definition. This means that almost everything will qualify as confidential. The agreement will also include a governing law that specifies which laws apply to the agreement. The majority of the language in a confidentiality agreement must conform to the regulations of that state. In some states, a violation of confidentiality carries the weight of a criminal offense, while in other states, such violations are considered civil offenses.
Legality of Confidentiality Agreements
Even though confidentiality agreements are sometimes seen as little more than a bit of extra legal protection for the sake of formality, they are usually enforceable like other contracts. However, as always, the law regarding confidentiality agreements does vary from state to state. At their most basic, confidentiality agreements are legally enforceable as long as they are voluntary and supported by consideration (something of value given in exchange for entering into an agreement). While courts are generally reticent to recognize an implied contract, if the circumstances clearly demonstrate that both parties intended to form a legally binding agreement and that the plaintiff reasonably relied upon it to his or her detriment (relying upon the confidentiality agreement to disclose a trade secret, for example), then courts will, when appropriate, consider the existence of an implied contract between the parties. Nevertheless, the employer should attempt to have the employee expressly sign the agreement. In this regard, a properly worded confidentiality agreement is the best way to protect illegal disclosure of non-public, proprietary corporate information.
How Can Confidentiality Agreements Protect Your Business’ Sensitive Data?
Confidentiality agreements, sometimes known as non-disclosure agreements (NDAs), act as a legal line in the sand, defining what is and is not confidential and giving the employer a straightforward tool for enforcing their rights should the employee breach the provisions of the contract.
In recent decades, the scope of confidentiality agreements has increased in line with the rise of the digital workplace. Where managers may have once demanded that an assistant simply return information once they left their employment, today’s stricter information management regimes mean that there are a host of devices, documents, and pieces of information that assistants are likely to handle while they are at work, some of which the employer may well want to protect after the employment comes to an end.
It is common to put in place protections around device access, whether it is a company-issued mobile device that will now be returned or a personal phone that may be used to access sensitive company information. It may be necessary to explain exactly how that phone should be returned – factory reset, or just specific areas of the phone? At one level, it ought to be simple to delete information from a mobile device prior to returning it, but of course the understanding that information has been deleted is dependent on trust, particularly since mobile devices have an indisputable capacity to store previously deleted data or hidden caches. Permission to delete information from a mobile device prior to return can be a double-edged sword – sometimes, it will be essential to be able to delete all traces of the data, and it can be more trouble than it is worth to continually issue reminders that the data should not be saved. Conversely, however, if the personal assistant is allowed to delete information from a device on return, it can leave the business with a lack of granular detail as to who accessed what and when, even if it proves impossible to reconstruct that information after the fact.
Confidentiality obligations can also include prohibitions around access to, and copies of, internal documents. As with mobile device management, there is likely to be a question of whether all information held by a personal assistant should be wiped or just certain areas. Wiping information from a phone is one thing; but if the employee has printed out or saved hard copies of protected information, should that information be returned or deleted? This again speaks to a need for trust between the employer and employee that the data has not been kept after this period of employment, especially in the case of paper documents which can at times be forgotten.
Employers can also choose to lift the lid on another debate by requiring an employee to disclose to the organisation any information that they have taken from the company while working for that employer, or after they have left the company. This has the obvious advantage that the employer then knows what the employee has taken, but the flip side of this is that it is essentially an admission of wrongdoing on their part. While making this declaration can be a simple tick box exercise, there is an opportunity here for the employer to draw a line in the sand with the employee and state unequivocally that they take a dim view of the taking and sharing of confidential information.
Risks Involved with Confidentiality Agreements
While personal assistant confidentiality agreements can be an effective way to protect privacy, they also come with potential risks for both the employer and the employee:
Breach of Confidentiality
If the personal assistant breaches a confidentiality agreement, it can lead to a breach of trust. While the employer has the right to take disciplinary action against the employee for such breach, the health care power of attorney could be found voided if evidence is found that the personal assistant has abused or exploited the principal, including through a selective disclosure of confidential information. अक्टूबर 1, 2017.
A breach of confidentiality can also have reputational effects on the principal, and can de-courage an employee from reporting to the principal any improper or illegal activity they may see in the work place .
A personal assistant may argue that he or she left the position due to the employer’s wrongful conduct, including an inability to act in accordance with the law and/or company policies. Such a wrongful discharge claim can include a theory of liability based on the employer’s illegal or wrongful actions, including an illegal breach of confidentiality or violations of state and federal privacy laws.
Mitigating the Risks
While a personal assistant agreement can help prevent and/or mitigate the risks for both parties enumerated above, there are several steps both parties can take to assuage concerns and to safeguard confidentiality:
Best Practices for Implementation and Execution
When it comes to ensuring the confidentiality of information, there are several best practices that can help guide the drafting and execution of your agreement. Keep it simple. While confidentiality agreements for personal assistants may contain several elements, you want to keep the language as simple as possible. No one will understand legal jargon and clauses full of legalese aren’t any easier to decipher than the text in a foreign language. Not to mention with a simple confidentiality agreement, it’s easier to point back to the original intent of the agreement if something does go wrong. Be specific. Include as much relevant detail as possible. It may not be necessary to include a long list of every possible type of confidential information that needs to be protected. Instead, consider being more global and target the general types and categories of information that should be kept confidential. It helps to avoid any gray area or confusion about the intended scope of the agreement. Establish consequences for the violation of the terms of the agreement. Be upfront about what happens if either party breaches the agreement and allow for the option of pursuing damages if necessary. Keep in mind that whether or not you actually move forward with seeking damages, the fact that you’ve included it in the agreement may be enough to discourage the other party from acting inappropriately. Consider the circumstances of the position. How important is confidentiality to your work? For example, if your assistant will have access to your banking information, keeping that information confidential is vital. Conversely, if he or she will only occasionally have access to your email account, you may not need to make that information confidential. Recognize the difference and make decisions about what information really needs to be kept confidential based on those policies. Identify any exceptions to the rule. There are some instances where confidentiality agreements can become a significant burden for those who have possession of confidential information. The New York City Environmental Protection Agency, for example, has a confidentiality policy that discourages parties from placing restrictions on the use and/or disclosure of confidential information. The rationale, according to a letter to the editor in response to the EPA’s public feedback gathering in 2019, is that "Many organizations and individuals will often have a protected right to use and/or disclose even highly confidential information for a clearly defined scholarly, artistic, commercial, government, or other legitimate purpose, including but not limited to the verification of publicly reported information and interpretation and translation related to government scholars and public information." Identify which types of information are exempt from the terms of the confidentiality agreement so your personal assistant knows exactly what is expected of him or her. Consider consulting legal counsel. Legal counsel can both help you draft your confidentiality agreement and provide you with advice about how to enforce its terms.
Updating and Reassessing Confidentiality Agreements
A confidentiality agreement should be dynamic rather than static. A non-disclosure agreement is typically tailored to a particular situation, job, or business, and such factors may change over time. Hence, the need to frequently review and update confidentiality agreements. A secretary’s job responsibilities and access to information may change as his or her role within a company evolves. For example, the increase in importance of email communications means that an employee given a new job function at a company may need to receive additional training on the security of electronic communications. Legal standards for reasonably protecting information may also shift, and a non-disclosure agreement may need to be revised to reflect these changes.
Even a lone individual’s organization may undergo any number of changes that can have a significant impact on the information a personal assistant may come into contact with. The nature of such information itself can change; for example, a writer may begin focusing on a new genre or style, and if the new work is commercially-nonviable then the private information of the writer no longer needs to be kept confidential. Or the writer may gain notoriety and change the manner in which he or she wishes to operate. A decision to relocate may also affect the type of information involved.
Additionally, as discussed above, a company may undergo restructuring, including a shift in focus or a change in the number of employees. Alternatively, a business might simply thrive, expanding into a larger market that necessitates new confidentiality protections . Perhaps a business has a public-facing website that contains information usually kept private—such as shareholder contact information—that is not secure. A move to a larger website hosting service with its own privacy policy may be cost-prohibitive, but updates to the non-disclosure agreement followed by an internal review process could prevent the inadvertent loss of private information.
Documents can also be lost, damaged, or destroyed. An English teacher uses years’ worth of personal notes for the school year to teach students in his or her high school level classes. An unfortunate spillage of coffee on a rainy day later in the semester sacrifices a week’s worth of lesson plans for the rest of the semester. An accidental fire burns the remaining lesson plans. A teacher in this situation will have records of previously made lesson plans—hopefully—but the time spent recreating the plans and or finding alternate activities will prove burdensome and costly for a school or individual teacher in terms of hours and lost productivity.
A confidentiality agreement can benefit from revisions that make use of templates for different purposes while retaining the same general format. For example, a company might create a checklist of the most common types of information to share with contractors, including billing information, invoices, and more. Certain types of information might require stricter control measures to safeguard; for example, the disclosure of account numbers, tax identification numbers, or credit card information could require a specialized training and record-keeping regimen before such information can be safely shared with contractors, personal assistants, consultants, vendors, or any other third-party.