Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting Proprietary Information

Published byDavid Curtis Modified over 9 years ago

Similar presentations

Presentation on theme: "Protecting Proprietary Information"— Presentation transcript:

1 Protecting Proprietary Information
v. 10/25/2011 Training Brief

2 Objective: Address the use, handling and reasonable protection and safeguarding of Proprietary Information received either from Industry or Government sources v. 10/25/2011 Training Brief

3 Proprietary Information
Proprietary Information (“PI”) means technical and business information which the transmitting party desires to protect from unauthorized disclosure or use and likely related to a specific topic or program. PI may be in many forms, including designs, concepts, test data, requirements, specifications, hardware, computer software, interfaces, components, processes, materials compositions, costs, written and/or electronic materials, s, data, viewgraphs, research, or the like. v. 10/25/2011 Training Brief

4 What is Not PI Generally, the following is not PI:
Information available to the public or becomes available to the public through no act or failure to act of the receiving party. Information known to or developed by the receiving party. Information disclosed to the receiving party by a third party having legal right to disclose. Information disclosed with prior written approval of the disclosing party. If in doubt, consultation should occur with the Principal Investigator in coordination with Office of Counsel. v. 10/25/2011 Training Brief

5 Presentation Topics Background
Responsibilities Related to Proprietary Information/Data Organizational/Personal Conflicts of Interest v. 10/25/2011 Training Brief

6 Background UAHuntsville routinely executes Non-Disclosure Agreements (“NDA”)on behalf of the University and its employees regarding reasonable protection of proprietary information received from industry. Only specific individuals authorized by the Trustees of the University of Alabama System may execute an NDA on behalf of the University of Alabama in Huntsville. FAR § (b) - A contractor that gains access to proprietary information of other companies in performing advisory and assistance services for the Government must agree with the other companies to protect their information from unauthorized use or disclosure for as long as it remains proprietary and refrain from using the information for any purpose other than that for which it was furnished. DFARS § – The Contractor shall not release to anyone outside the Contractor’s organization any unclassified information, regardless of medium, pertaining to…the contract or any program related…unless (1) CO has approved; or (2) otherwise in the public domain v. 10/25/2011 Training Brief

7 Background, (cont’d) UAH Staff Handbook – “An employee may gain access to confidential information…Such information, and the underlying records, should be maintained in confidence by the employee.” (Page 94) Violations of the Alabama Trade Secrets Act may result in personal civil penalties to the disclosing individual. v. 10/25/2011 Training Brief

8 Access to Proprietary Information
Each Principal Investigator shall list and certify team members and office locations for those having access to PI. Relating to PI, each member shall read and agree to be individually bound by the terms and conditions of NDA’s and/or contracts executed by the University. It is the Principal Investigator’s responsibility to ensure that access lists are kept current and accurate. Student (including undergraduate, graduate and postdoctoral) participation shall be limited to situations where no Proprietary Information is shared with a student. v. 10/25/2011 Training Brief

9 Training Each member shall certify completion of this training regarding protecting PI. This training addresses the importance of (i) maintaining information integrity, and (ii) the requirements, processes and procedures for PI protection. The Principal Investigator is responsible for assuring that team members complete PI protection training. v. 10/25/2011 Training Brief

10 Handling of PI Marking and Identification – Legend on PI provides specific notice of restrictions on the use of the data or information. PI originally disclosed orally or visually will be protected to the extent the disclosing party summarizes the PI in writing & delivers such to the University within a reasonable time after disclosure. PI will not be used for any purpose than that for which it was furnished as stated in the NDA or contract. v. 10/25/2011 Training Brief

11 Handling of PI Physical Control of Proprietary Information - PI shall not be released outside of UAHuntsville and only within the University on a ‘need to know’ basis to persons that have been approved by the Principal Investigator. Copy PI only as reasonably necessary to complete the purposes of the NDA or contract. PI hard copy materials shall have cover sheets and must remain within designated containers/files or an access-controlled enclosure. All hard copy PI documents shall be secured within each member’s office prior to the end of each business day. v. 10/25/2011 Training Brief

12 Handling of PI Digital Environment Protections – PI stored in electronic form on disk, tape, or other storage media constitutes PI in permanent form. All digital documents will retain original markings. The computer systems and tools employed by UAHuntsville operate on University-owned and operated networks, which afford firewall, intrusion, and vulnerability management. All users must have University issued computer accounts and conduct all work upon University owned computers. All PI data that is generated shall be stored in segregated, access controlled data drives and databases. Electronic control of PI will be the responsibility of the Principal Investigator. v. 10/25/2011 Training Brief

13 Handling of PI Outside of controlled University work space – PI must be stored in a locked room, drawer, filing cabinet, briefcase or other storage device so that access by unauthorized individuals is prevented when untended by the member. Long term work (5+ days) outside of ‘official’ work spaces require advance written approval from the Principal Investigator. Extended ‘off site’ possession (30+ days) requires a written Memorandum For Record with appropriate details as approved by the Principal Investigator. MFR shall be retained by the Principal Investigator v. 10/25/2011 Training Brief

14 Handling of PI Transmission or Dissemination – External electronic transmissions of PI via , telephone or video teleconferencing shall be received only by those persons approved by the Principal Investigator after each has executed an NDA and received PI protection training. Appropriate Markings or Legends shall be displayed in/on/during the transmission of PI and certifications from recipients should be obtained. v. 10/25/2011 Training Brief

15 Inadvertent Disclosure of PI
Discovery will be reported to the Principal Investigator within 24 hours and fully documented regarding details of disclosure. Principal Investigator to provide a complete disclosure to the Vice President of Research or his designee within five (5) business days of the disclosure. Principal Investigator will immediately retrieve the PI from the unauthorized individual(s) and obtain a certification from the individual(s) that all PI (and copies, if any) have been returned to the Principal Investigator. v. 10/25/2011 Training Brief

16 Return or Destroy Obligations at Termination – Depending upon the terms of the NDA or contract, the receiving party will use reasonable efforts to destroy all received PI (in whatever form), including copies, then in its possession or control; or Use reasonable efforts to return all such PI to the disclosing party. v. 10/25/2011 Training Brief

17 Continuing Obligation
Limitations on Use or Disclosure – Most NDA’s and contracts contain a continuing obligation on the part of the receiving party to hold the PI in confidence for a period of years…some as long as 5 years. PI may not be used for design or reverse engineering or any other use without the written permission of the disclosing party. v. 10/25/2011 Training Brief

18 Additional Requirements
Classified Information is handled, marked and used in accordance with the National Industrial Security Program Operating Manual (NISPOM) and any other applicable laws or regulations. Export Controlled Information is handled in compliance with export control laws and regulations. Proprietary Information agreements do not supersede these laws or regulations. v. 10/25/2011 Training Brief

19 Conflicts of Interest An Organizational Conflict of Interest is the existence of a set of circumstances in which a contractor may be unable to render impartial advice to the government, or might have impaired objectivity in performing contracted work; or may obtain an unfair competitive advantage in the marketplace when competing for government offered work where that unfair advantage is obtained during performance of a government contract. This unfair advantage can be introduced when the contractor sets the ‘ground rules’ of procurement thereby biasing future competition. v. 10/25/2011 Training Brief

20 Conflicts of Interest, cont’d
Broad categories of OCI can be drawn from the foregoing. Those involving PI are: Unequal Access which provides unfair competitive advantage when a contractor obtains information not generally available to other competitors where such information would assist them in winning the contract over competitors. Biased Ground Rules most often come into play when the contractor is writing the SOW, performing systems engineering, or providing technical direction efforts. v. 10/25/2011 Training Brief

21 Employee Obligations Regarding Preventing OCI
Retain a copy of each NDA and maintain a personal catalogue of NDA’s. Before commencing work on activity involving Government contract support (whether indirect or direct), review personal NDA catalogue to ascertain previous access to non-public information regarding the same or related subject matter as the proposed work. Notify Office of Sponsored Programs regarding any detected relationship between proposed work and past activity. In the event of questions, err on the side of disclosure and contact OSP and Office of University Compliance. v. 10/25/2011 Training Brief

22 Violations & Enforcement
Any violation of the NDA’s and/or contractual provisions shall be reported to the Principal Investigator and Vice President of Research or his designee. Appropriate administrative action up to and potentially including termination of the violating party’s privilege to access PI may be taken by the Principal Investigator or Vice President for Research in the event of violations by the Principal Investigator. v. 10/25/2011 Training Brief

23 Conclusion UAHuntsville is committed to… Integrity,
Abide by any and all restrictions regarding confidential and proprietary data, Respect all restrictive legends. v. 10/25/2011 Training Brief

24 Questions Office of Sponsored Programs Gloria Greene, VBRH or Office of University Compliance Michael Bryan, VBRH Office of Counsel John O. Cates, Esq v. 10/25/2011 Training Brief

Download ppt "Protecting Proprietary Information"

Similar presentations

DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Conflict of Interest, Conflict of Commitment, and Outside Activities UTSA HOP 1.33 Non-covered UTSA staff 1.

Conflict of Interest, Conflict of Commitment, and Outside Activities UTSA HOP 1.33 Non-covered UTSA staff 1.
ETHICS. Business Conduct  The Agent agrees to conform to all applicable federal, state and local laws in conducting business under this agreement.

ETHICS. Business Conduct  The Agent agrees to conform to all applicable federal, state and local laws in conducting business under this agreement.
IIT Office of General Counsel Education Program Non-Disclosure/Confidentiality Agreements.

IIT Office of General Counsel Education Program Non-Disclosure/Confidentiality Agreements.
© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.

© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.
National Science Foundation Division of Science Resources Statistics May 15 2008 The Confidential Information Protection and Statistical Efficiency Act.

National Science Foundation Division of Science Resources Statistics May The Confidential Information Protection and Statistical Efficiency Act.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
FERPA 102 Helpful Guide for Administrators, Security Contacts and Support Staff Prepared by the Office of the Registrar Student Records: Institutional.

FERPA 102 Helpful Guide for Administrators, Security Contacts and Support Staff Prepared by the Office of the Registrar Student Records: Institutional.
Organization Conflict of Interest (OCI) under FAR March 2012.

Organization Conflict of Interest (OCI) under FAR March 2012.
Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.
Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.

Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Similar presentations

Ads by Google