7-2 Final Project Milestone Three Recommendations and Global Considerations

School: Southern New Hampshire University
Course: 659
Subject: Information Systems
Date: Feb 20, 2024
Type: docx
Pages: 4
Uploaded by mmovsesian
Recommendations and Global Considerations

7-2 Final Project Milestone Three: Recommendations and Global Considerations
Southern New Hampshire University
IT-659-X1516 Cyberlaw and Ethics 23TW1
Dr. Derek Holbert
November 5, 2023

Recommendations

A thorough policy and set of processes is essential from an administrative point of view for the protection of trade secrets and private data. First and foremost, businesses ought to make it a habit to execute and uphold strong confidentiality agreements to safeguard their trade secrets. Subject to state law and the federal Defend Trade Secrets Act, 18 U.S.C.A. § 1836, employers may create confidentiality obligations through standalone agreements or as part of an employment agreement (Dibernardo et al., Trade secret protection in corporations: Best practices 2022). These agreements may specify how the company defines trade secret and private information, in addition to the limitations on the employee's use and disclosure of that information and the duties that will persist beyond the termination of the employment relationship. Non-solicitation and non-competition agreements are additional ways to prevent employees from interfering with clients, vendors, or coworkers who could own or represent trade secret information. Although the Pfizer complaint does not mention this, administrative processes should ideally be in place to inform employees of their legal obligations and to make the extent of those requirements clear before any issues occur. If an employee downloads a spreadsheet or report they created while working, for example, they might not want the employer's private information included in the file; instead, they may consider the document's format to be common knowledge. Workers have claimed not to understand the difference between generic knowledge picked up on the job and trade secrets owned by their employer. In any event, training employees on how far they must protect employer trade secrets and confidential information can help prevent honest misunderstandings and support an employer's legal claim that it has adequately protected its trade secrets.
As may be found in employee handbooks, businesses must also adhere to thorough trade secret and confidentiality protocols and standards.
In addition to defining employee responsibilities and assigning appropriate access levels to different employee groups, these processes and policies can offer useful training, identify relevant groups of protected information, and generally set up company protocols for maintaining confidentiality, even after an employee leaves. When an employee leaves, employers should think about doing regular, recorded exit interviews. During these interviews, the employee should be provided a copy of their contract of employment or any other confidentiality obligations and should be asked to surrender all documents and files, a requirement that frequently appears in employee agreements.

Global Considerations

As a global company with 36 manufacturing sites worldwide that sells its products in 185 countries, Pfizer would fall under the International Standardization Organization (ISO). The most relevant standard is ISO 27001, which works to establish, implement, operate, monitor, review, maintain and improve an Information Security Management System (ISMS) (ISO 27001: What is it and how to get certified). This standard is relevant because it helps companies handle security issues in a consistent and cost-effective way by strongly encouraging external audits and encouraging IT departments to conduct routine inspections. It also demonstrates that, from a company perspective, risks have been identified before controls are implemented to help manage threats and vulnerabilities. The three main components of this ISO standard (people, process, and technology) improve support for risk management techniques and compliance guidelines, such as GDPR and NIS Regulations.
References

"ISO Compliance: What Is It & How Does It Impact Your Business?" Diligent, www.diligent.com/resources/blog/iso-compliance-and-why-it-matters. Accessed 3 Nov. 2023.

Dibernardo, I., Sobel, J., & Strong, M. (2022, April 15). Trade secret protection in corporations: Best practices. Reuters. https://www.reuters.com/legal/legalindustry/trade-secret-protection-corporations-best-practices-2022-04-15/

ISO 27001: What is it and how to get certified. Diligent. (n.d.). https://www.diligent.com/resources/blog/iso-27001-what-is-it-and-how-to-get-certified

In text citation: (Dibernardo et al., Trade secret protection in corporations: Best practices 2022)