No written "policy" that dictates the sequence of events but as an engineering consulting company that deals with many customers, vendors, etc. large and small we do have a common pattern that we follow. We have a mutual non-disclosure agreement that we offer but we are also willing to look at the other parties standard agreement. Typically the later is the much quicker route when dealing with large companies with internal legal departments.
A couple common issues we run into especially dealing with very large companies is what we refer to as the "Taco Bell Dog Syndrome". If you want to pitch a design to a large company they will most likely defer unless any patent application(s) are public or you are willing to waive your rights to any IP. The Taco Bell reference goes back to the Chihuahua ad lawsuit.
Another issue is the one-way agreement where any thought you might have from the date you sign the document belongs to the other company if the other comapny is in that business now or not. Same issue for non-compete. We don't sign those. Some NDA's we've signed do require that we do not disclose that we are working with or have even spoken to the named company. Homeland security, paranoid, whatever but it sure makes promoting our business difficult: Trust us. We did this one thing for these people and it was great. Wish we could say who and what but we can't....
Shoot me an email direct if you would a blank copy of our NDA Charles. That is if you think it would be of any benefit.
We also some standard language in our concept proposal templates that cover IP created by us while under contract, jointly, or previous to the contract that is available for license.
Specifically, I'm looking to see if someone has a policy detailing the following:
1. What are company employees allowed to divulge to customers?
2. Who has the authority to allow further content to be distributed?
3. What is the procedure for acquiring an NDA?
4. What is the procedure for safe data distribution?
I assume there are some larger companies who have a written policy like this. As my irony statement points out, I'm sure that policy covers itself, and thus can't be distributed on a public website.
Essex is a company with 370 employees. We are too small to have our own lawyers, but we do have resourses available if we need legal advice. This puts engineers in the crunch when we need an NDA written, as I can't just walk over to someone and make a request.
Understood. When I worked at Goodrich Avionics (17K+ employees) I had no idea the path to an NDA.
More often than not we end up dealing with the purchasing group and not the engineering dept when we need an NDA now. You might try some of your purchasing contacts (LinkedIn?). Best of luck on this one. This is the kind of "business" stuff I don't really enjoy.
I'm not sure how much I can say exactly, but we are a pretty daggum big global company. We do have a pretty strict information security policy. Of course, there are many different business units, divisions, sections, groups, etc. However, at each level there are certain types of documents. Each area categorizes the documents/information they create/manage at one of several different levels, based on some rules about the potential negative impact of that information getting into the wrong hands. Handling procedures are standardized for each document level, so a "super-duper secrety secret" document can't be printed by anyone ever, and you even have to gouge out your eyes with a hot knitting needle if you happen to see it accidentally. The security level of our security policy is somewhere between "super-duper secrety secret" and "OK to take home and use for wrapping paper at Christmas". I can't tell you which level or tell you any more detail about it...
Aaah, they're coming for me!!!!! There's the knitting needdddddddddddddd;a;popppppdpdfpp HELP!!!!