A man in a grey business shirt looks sideways. Someone has placed a hand over his mouth.

Protecting Confidential Information: Termination Day

This article is the final piece in a three part series of blogs focussed on how organisations can most effectively protect themselves against employees stealing confidential information.  Following on from our second blog in the series, which focussed on how to effectively protect your company’s confidential information from an employee during their notice period up until their termination, this blog looks at common mistakes employers make when exiting an employee, and what to do in the event that a former employee has been found to have stolen company data, or is working in breach of a restraint of trade.

Making a clean break and preserving data

Firstly, it is important to always conduct an exit interview with the departing employee, and in turn, to have the employee sign a declaration stating that they have returned all company property that was in their possession.  Be sure to make an official internal note of the interview in case there is ever a discrepancy in the future.  Either during, or immediately prior to this exit interview taking place, make sure to cut off the employee’s access to any company IT services and/or accounts, and be equally careful to change all passwords used by the employee to access company services.

Save and preserve a complete copy of the employee’s mailbox, making sure to include their calendar and any calendar notes.

If the employee has used a company issued computer and/or phone for work, consider sending the device to a forensic IT specialist to conduct a basic review of the device to check for abnormal activity.  Whilst this is not necessarily a crucial step in every case, no harm can come from taking a cautious approach to an employee’s departure.

What should you do if you suspect that an employee has stolen company data, or is working in breach of a contractual restraint of trade term?

Try to secure any electronic devices that were previously used by the employee prior to them leaving by locking them in a secure place.  It is important not to attempt any sort of examination of the employee’s devices without professional assistance.

Collate relevant documents:

  • Employment contract(s);
  • Termination or resignation letters; 
  • Exit interview documents;
  • Related company policies, such as workplace surveillance, use of electronic devices, and confidentiality; and
  • Any documented evidence of a breach, such as evidence of copying data and suspicious emails, or other communications with customers and suppliers.

It is also important for companies to review all current and future business opportunities which the employee in question may seek to exploit, and to prepare a detailed rundown of any relevant information.

Seek urgent legal advice!  Any delay by a company may be viewed by a court as evidence that there is no genuine business risk to protect, and the court may in turn dismiss a case on that basis alone.

Common pitfalls for employers

From experience, the most common obstacles faced by employers when seeking to enforce post-employment obligations are self-inflicted.  These are:

  • Having poorly worded contracts, usually as a result of employers preparing their own employment contracts without seeking legal advice;
  • Failing to keep signed copies of employment contracts;
  • Providing staff with access to sensitive information without monitoring that access or maintaining controls over how that information can be copied or sent;
  • Not maintaining a workplace surveillance policy;
  • Failing to act quickly once they become aware of a potential breach; and
  • Compromising the integrity of key evidence by attempting to examine electronic devices themselves.  

To quote Nigel Carson from KordaMentha Forensic, “every computer contact leaves a digital trace”.  It truly is important to take heed of the fact that in an environment where the best evidence usually wins, conducting inexpert investigations can be a self-defeating exercise.

Of course, all of these pitfalls are easily avoidable with a little bit of advance planning, disciplined business management and legal advice.

Finally, we all recognise that in 2018 filing cabinets and ledgers are pretty much a thing of the past.  Similarly, I suggest that it is also time to acknowledge the fact that the “IT guy” and the “mate of the boss who’s a bit of a tech-head” have likewise become redundant.  Virtually all business activity is conducted electronically through computer systems, so regardless of how small a company may be, the IT system is often the most important piece of commercial infrastructure that they have.

A professionally managed IT system using up to date hardware is not just good for business, it will also save you certain grief in the future if you need to rely on it to recover data or gather evidence for use in legal proceedings.

How can Coleman Greig help your business to protect its confidential information?

Coleman Greig’s employment team can assist businesses at every stage of the employment life-cycle.  Our lawyers are able to provide expert advice on the preparation and implementation of internal policies and procedures, drafting contracts and agreements, risk identification and management, and enforcement of post-employment obligations including litigation to prevent misuse of confidential information, and to enforce contractual restraints of trade.

Please bear in mind that whilst Coleman Greig’s Employment Law team can provide legal advice on risk management and the protection of confidential information, we don’t manage IT systems.  I would urge any business with an IT system currently serviced by the “IT guy” to seek professional advice from a reputable company!

If you have a query regarding any of the information found in this, or any of the other blogs in this three part series on protecting confidential information, please don’t hesitate to get in touch with:


Send an enquiry

Any personal information you provide is collected pursuant to our Privacy Policy.


More posts

Can i put my home on Airbnb?

Airbnb is a form of short-term rental accommodation. To add your property to Airbnb in NSW, you are required to meet several laws and regulations governing short-term rentals.

When are liquidators required to seek approval to retain legal counsel?

When does a liquidator (or the company he or she is appointed to) need court, creditor, or committee approval to validly retain a solicitor to act in a liquidation matter which is likely to extend for longer than three months?  The answer to this question has only recently been settled.

Proposed changes to building and construction law in NSW

The Building Bill 2022 (the Bill) is the key avenue through which the NSW Government has proposed to reshape the culture of the building and construction industry by eliminating poor performance and improving the quality of building statewide.

Can you dismiss an employee who fails to return to the office?

Slowly but surely, most employers are requiring employees to return to the office for at least a portion of their working week. Some employers continue to struggle with employees resistant to returning to the office or those who have an expectation that they can continue to work from home whenever it suits them.

New powers to combat phoenixing in construction

The rise of phoenixing in the building and construction industry in Australia in recent years has proved a significant challenge to regulators. Mismanagement of time or cashflow can quickly propel businesses into insolvency.

The NSW Building Commission’s extraordinary powers

In late 2023, the NSW Government passed the Building Legislation Amendment Bill 2023 (Amendment Bill). The Amendment Bill established the NSW Building Commission and granted it extraordinary powers to enter construction sites, inspect work and take away information and materials.

© 2024 Coleman Greig Lawyers   |  Liability limited by a scheme approved under Professional Standards Legislation. ABN 73 125 176 230