INTELLECTUAL PROPERTY POLICY
TABLE OF CONTENT
Introduction …………………………………………………………………………………...........………..……3
Scope …………………………………………………………………………………………..….…….……….……3
Objectives …………………………………………………………………………………….........….……………3
Classification ………………………………………………………………................………….…….…………4
Key Stakeholders ………………………………………………………………………….................…………4
Risk Assessment …………………………………………………………………………………...............……4
Ownership ………………………………………………………………………………………………….........…6
Communication …………………………………………………………………………………….........………7
Responsibility of Employees …………………………………………………................................……8
Confidential Agreement …………………………………………………………......................…………8
Guidelines for Documentation …………………………………………..............................…………8
Repository …………………………………………………………………………........…………………………9
Agreement ……………………………………………………………………………..…………………………10
Recommendation for Repository and Agreement …….........................................………11
Security Measures ………………………………………………………………...............…………………12
Policy Violation …………………………………………………………………….................………………12
Policy Review and Update ………………………………………………….......................……………14
Appendix ……………………………………………………………………………..……………………………15
Stakeholder Signoff ……………………………………………………………...................………………15
INTRODUCTION
The protection of intellectual property assets allows organizations to maintain a competitive advantage and ensures that the hard work and financial investments are used to the business’s advantage. It prevents unauthorized third parties from benefitting from our efforts. Products or processes can be licensed to third parties in exchange for a fee or royalty later in the future.
Preserving and harnessing these invaluable assets is crucial for any forward-thinking organization. Therefore, this document puts forth a comprehensive strategy for the efficient handling of company intellectual property.
The suggested framework involves a methodical approach to manage and safeguard intellectual property assets. Additionally, it introduces a centralized repository intended to function as the core for organizing, monitoring, and securing all aspects of the organization's intellectual wealth. This repository serves as a pivotal element in strengthening the company's intangible resources and facilitating accessibility for authorized stakeholders.
Through this proposed initiative, the aim is to cultivate a culture of proactive intellectual property management within the organization. This ensures that intellectual assets receive the necessary attention and protection they merit. In doing so, we not only bolster the company's competitive stance but also establish a sturdy foundation for sustained innovation and expansion in an increasingly competitive global arena.
SCOPE
This document describes the procedures involved in the disclosure protection, management, and warehousing of intellectual property (IP) owned by The Concept Group (TCG). This document contains standards or methods for protecting policies, processes or procedures, products, and services (both new and old) alongside other intangible assets such as the company’s emblem, logo, brand voice, etc.
OBJECTIVES
The objectives of this policy include:
• Protecting IP rights and safeguarding confidential information.
• Facilitating efficient documentation of all IP assets.
• Streamlining approval and authorization processes.
• Enhancing collaboration and knowledge sharing.
• Mitigating risks of IP infringement and disputes.
CLASSIFICATION
The following are the classes of intellectual property under this policy. Please note this list is not exhaustive and new processes or products/services can be added.
• Standard Operating Procedures for all departments in TCG.
• All company and departmental policies.
• Confidential documents such as company profile, brand guide and registration documents.
• Documents of all the products and services provided by TCG.
KEY STAKEHOLDERS
The following departments are responsible for creating, managing and safeguarding any intellectual property belonging to TCG.
• Legal.
• Learning and Development.
• System and Network Administration.
RISK ASSESSMENT
There are risks related to intellectual property (IP). Some of these risks are highlighted below alongside their corresponding mitigation plans.
|
S/N |
Risk |
Description |
Mitigation |
|
1 |
Employee Turnover and Information Leakage. |
When employees leave the company, they may take valuable knowledge, trade secrets, or ideas with them, potentially leading to the unauthorized use of IP. |
|
|
2. |
Cybersecurity Breaches and Data Theft. |
Unauthorized access to our systems could lead to theft or exposure of sensitive intellectual property.
|
|
|
3. |
Inadequate IP Protections. |
Failing to secure patents, trademarks, or copyrights can leave our IP vulnerable to infringement. |
|
|
4. |
Inadequate Employee Training. |
Employees may unintentionally disclose sensitive information or fail to recognize the value of certain IP assets. |
|
|
5. |
Infringement by Competitors or Third Parties. |
Other companies may infringe on our IP rights, potentially diluting our brand or devaluing our innovations. |
|
OWNERSHIP
TCG claims ownership to any innovation or intellectual property created by any employee for the use of the company while employed at TCG.
COMMUNICATION
Introducing IP policies and procedures to new employees should take the following formats:
• Training during the onboarding period.
• Demo the repository during onboarding.
• Assist new hires with account creation on repository
Training should be conducted for current employees by the L&D Team to intimate them on the importance of policies and procedures for all IP assets.
On the notice of any breach, employees should report to the legal team by email with the system and network admin and L&D teams in copy.
RESPONSIBILITIES OF EMPLOYEES
Employees have a responsibility in safeguarding the company’s IP assets. Employees should be encouraged to:
• Attend training sessions, and familiarize themselves with the types of information that are considered confidential.
• Only access or use confidential information when it's necessary for their job responsibilities
• Comply with any NDAs or confidentiality agreements signed with the company or external parties.
• Use strong, unique passwords for accounts and systems that have access to confidential information.
• Refrain from discussing or disclosing confidential information in public areas, both physical and virtual.
• Report any concerns about improper handling of confidential information using established channels, without fear of retaliation.
• Only share confidential information with authorized individuals within the company or with external parties as specified in agreements or policies.
• Report breaches or unauthorized disclosure of confidential information immediately to the designated contact person or channel.
• Understand and adhere to the legal and ethical obligations related to the handling of confidential information, both within and outside the organization.
• Respect the copyrights and trademarks of others, and only use them in compliance with legal and company guidelines.
• Be vigilant about cybersecurity best practices to protect against cyber threats that could compromise confidential information.
• When leaving the company, follow exit procedures to ensure that any company-related confidential information is returned or handled appropriately.
• Stay vigilant and proactive in identifying and addressing potential risks or vulnerabilities related to the handling of confidential information.
CONFIDENTIAL AGREEMENT
Employees, contractors, vendors or partners are required to sign confidentiality agreements or Non-Disclosure Agreement (NDA) to protect sensitive information and trade secrets.
Protecting our IP assets requires a blend of keeping some things secret and having staff sign confidentiality agreements and perhaps documenting processes which only a few are aware of. Below are method as to help employees comply:
• New Employees:
A clause will be included in the offer letter that states that new employees agree to keep company information confidential. This agreement will be included in the Employee Non-Disclosure Clause/Agreement prepared by the Legal department. The NDA forms a part of the offer letter for new employees. Once the offer letter is accepted, the employee automatically agrees to the clause.
• Current Employees:
Please find below options to ensure that current of employees conform to the confidential agreement.
1. Contract forms: The legal department team prepares and shares a contact form with the HR team. The HR team subsequently sends out physical contract forms to be signed by each employee and submitted back to the Human Resources department and entered into the employee file.
2. Google forms: The HR department sends out contract forms using an online platform such as Google forms to be signed by each employee. HR compiles the report and keeps it in the repository.
3. Popup on laptop: A confidentiality clause prepared/reviewed by the legal team may be sent to all laptops by the IT team on a specific date where all employees have to tick an “I agree” box before they begin work for the day.
A draft of the NDA for all employees (new and existing) is attached in the appendix.
REPOSITORY
The repository is the digital archive where all IP related entries will be warehoused. TCGWiki is the official repository for all IP and IP-related assets.
GUIDELINES FOR DOCUMENTATION
• All documents considered IP must be reviewed by the legal team and approved by management.
• Patents and trademarks may be obtained for innovations/inventions and products, services and branding.
• Implement version control mechanisms for documents related to IP development. This ensures that there is a clear history of changes and updates.
• Clearly document and record the ownership of each piece of IP. This includes names of creators, inventors, and any relevant parties involved.
• Conduct regular audits of the IP documentation to ensure it is up-to-date and accurate. Update records as needed to reflect any changes or developments.
• Implement confidentiality measures to ensure the confidentiality of sensitive IP documentation. This could include restricted access, encryption, and non-disclosure agreements.
• Provide training to relevant employees on how to properly document and manage IP. This ensures that everyone is aware of the procedures and their role in the process.
• Disposal of IP documentation that is no longer needed should be done in a secure and compliant manner.
• IP assets should be uploaded by team leads/departmental heads or the learning and development (L&D) team.
SECURITY MEASURES
• Strict access controls to ensure that only authorized personnel have access to sensitive IP such as the use if official email only and role-based access permissions.
• Disable document download and transfer using USB or flash drives.
• Encryption to protect data both in transit and at rest. This ensures that even if data is intercepted, it cannot be read without the appropriate decryption key.
• Firewalls to monitor and filter incoming and outgoing network traffic. IDS systems can also alert you to any suspicious activities that may indicate a security breach.
• Periodic security audits and assessments to identify vulnerabilities and weaknesses in the IP protection infrastructure and address any issues promptly.
• Deploy Data Loss Prevention tools to monitor and control the movement of sensitive data within and outside the organization. These tools can prevent unauthorized access or sharing of IP.
• Comprehensive training on security best practices and the importance of protecting IP. Regular awareness campaigns can help reinforce these practices.
• Back up critical IP data regularly in case of a breach or system failure.
• Implement legal tools such as non-disclosure agreements (NDAs) and contracts to formalize protection measures and establish recourse in case of a breach.
POLICY VIOLATION
Common types of IP policy violations include:
• Unauthorized Access or Use:
Unauthorized individuals accessing or using confidential information or intellectual property without proper authorization.
• Breach of Non-Disclosure Agreements (NDAs):
Disclosing or sharing confidential information covered by an NDA with unauthorized parties, either inside or outside the organization.
• Plagiarism or Copyright Infringement:
Using or reproducing copyrighted materials (e.g., text, images, software) without the appropriate permissions or attributions.
• Unauthorized Copying or Replication:
Making unauthorized copies or reproductions of proprietary materials, such as software, documents, or designs.
• Failure to Report Breaches:
Neglecting to promptly report any suspected or known breaches or unauthorized disclosures of confidential information or IP.
• Neglecting to Use Proper Notices:
Failing to include necessary copyright, trademark, or patent notices on relevant materials.
• Misuse of Trademarks or Branding:
Using trademarks or branding elements in a manner that does not comply with established brand guidelines or infringes on the rights of others.
• Unauthorized Disclosures in Communication:
Sharing confidential information through emails, instant messaging, or other communication channels without the necessary safeguards.
• Unauthorized Modification or Reverse Engineering:
Attempting to modify or reverse engineer proprietary software or technology without proper authorization.
• Violation of Licensing Agreements:
Failing to comply with the terms and conditions specified in licensing agreements related to the use of specific software or IP.
Other violations not stated here but left to the discretion of the legal team and management teams.
Consequences of IP Policy Violations:
• Legal Action:
Violations of IP policies can result in legal action, including lawsuits for damages, injunctions, or other remedies.
• Reputation Damage:
IP policy violations can harm the organization's reputation, potentially leading to loss of trust from stakeholders.
• Loss of Competitive Advantage:
Failure to protect intellectual property can result in the loss of a competitive edge, as competitors may gain access to proprietary information.
• Financial Losses:
Legal fees, fines, or damages resulting from IP policy violations can lead to significant financial losses for the organization.
• Loss of IP Rights:
Continued violations may result in the loss of certain intellectual property rights, such as patents or trademarks.
Process of dealing with employees who violate the IP policy:
1. Conduct investigation (legal and SNA team).
2. Gather evidence of the violation - this should be compiled and shared by the Policy owner who alleges breach of the Policy, not the legal team. The evidence compiled is to be shared with the legal team.
3. Evaluate the intent and severity of the violation (legal team).
4. Communicate with the employee and reprimand appropriately (HR team) –Legal team will make recommendations, while HR enforces.
5. Re-educate the defaulter and other employees (L&D team)
6. Document violation and action taken (HR team) –the documentations form part of the employee’s record.
7. Review and update the policy and improve the security measures to prevent similar violations from recurring (legal and business operations teams).
POLICY REVIEW AND UPDATE
An effective IP protection policy is dynamic and hence, this policy should be regularly reviewed and updated to adapt to evolving risks and technologies. Reviews will be done annually.
VERSION HISTORY
|
Version |
Revision Date |
Description of Change |
Author |
Stakeholders Concurrence |
Next Review Date |
|
1.0 |
- |
- |
Obiageli Mbah |
|
- |
|
2.0 |
21/11/2023 |
Document should include IP management. |
Obiageli Mbah |
Chima Annonye Oluwole Ewejobi Ezinne Umozurike Owoicho Agada Itiekhao Ikpeminogena |
March 2024 |
|
|
|
|
|
|
|
APPENDIX
Employee Non-Disclosure Clause/Agreement.
EMPLOYEE’S NON-DISCLOS... | TCG Information Hub (rosabonfinance.net)
No Comments