For a company of any size, non-disclosure agreements (NDAs) provide one of the most important and basic tools for protecting corporate information and intellectual property rights, particularly patents and trade secrets. So, for technology executives and others who encounter NDAs from time to time, it’s important to understand how they operate.

NDAs are conceptually straightforward—an agreement to keep a secret. So you might assume they’re all basically the same. You might even hear someone refer to a “standard NDA,” and assume that there’s not much to be gained by negotiating the details.

But the truth is that NDAs vary significantly, and there’s not a universally-accepted standard that works for every situation. NDAs are often negotiated, and the terms that best protect your interests will vary depending on whether you’re the one disclosing confidential information, how the receiving party intends to use the information, and other factors.

Of course, many businesses have an NDA template that they might consider their “standard NDA” for a certain type of situation. But a good template has at least a handful of variables, and the adaptations for a specific use of the template can be substantial.

Although the “standard NDA” (at least in one sense of the term) is a myth, there are certain core provisions that are so essential or pervasive that they can fairly be considered “standard” elements of an NDA. The language of these core provisions can vary significantly, but the substance is what counts. So here’s a short summary of the core elements in a basic NDA.


NDAs all have the same general goal – I’m going to tell you a secret, and you’re going to keep it a secret. So a competent NDA has to do at least two things: (1) delineate what will be considered a secret, and (2) create a legal obligation to keep it a secret. Think of an NDA as creating a “lock box” of information. At a minimum, a good NDA tells the parties what goes in the “lock box” and how the “stuff in the lock box” must be handled by the receiving party.


There are a few standard clauses that specify what information will be protected by the NDA. In the “lock box” analogy, these clauses define “what goes in the lock box.” Although additional clauses are often used to refine the boundaries, these basic clauses appear in virtually all NDAs:

  • Definition of Confidential Information – What’s Covered?  In the vast majority of NDAs, “Confidential Information” (or a similar term) is a broadly-defined term that sets a general scope for what will be protected under the NDA. The term is typically defined broadly enough to encompass pretty much everything that the disclosing party might disclose to the receiving party, in any form or format (oral, written, computer-readable, etc.).
  • Exclusions (or Carve-Outs) – What’s Not Covered?  Exclusions define a few types of information that will not be protected under the NDA, even if that information falls under the broad definition of “Confidential Information.” These exclusions usually include (1) information that was already public, (2) information that the receiving party already had, and (3) information that becomes public later on (unless it becomes public due to a breach).
  • Time Restriction – Time Period for Confidential Disclosure. The time period for confidential disclosure sets a cutoff point (e.g., three months from the date of the agreement) for disclosing information that will be protected under the NDA. After the cutoff point, information disclosed to the receiving party will not be protected under the NDA, even if the information falls under the broad definition of “Confidential Information.”


There are also a few standard clauses that specify what actions are required (or prohibited) with respect to the information that’s protected by the NDA. Continuing the “lock box” analogy from above, these clauses define what happens to the “stuff in the lock box.” Additional clauses are often used to further refine the boundaries, but these clauses appear to be relatively universal:

  • Keep Confidential – Who Can See the Stuff?  Virtually all NDAs affirmatively require the receiving party to keep the information confidential. This obligation requires the receiving party to protect the “stuff in the lock box” and to limit who can access it. Typically, the information can only be disclosed to certain individuals who (1) have a need for the information in connection with a purpose that’s specifically stated in the NDA, and (2) are obligated to keep the information confidential.
  • Restrict Use – What Can They Do With It?  Even the individuals who are authorized to receive the confidential information must limit their use of it. The obligation to restrict use typically prohibits the receiving party from using the “stuff in the lock box” for any reason other than a purpose that’s specifically stated in the NDA.
  • Exception – What If A Court Orders Disclosure?  If the receiving party becomes legally required (e.g., by a court order) to disclose any of the “stuff in the lock box,” it may disclose that information without violating the agreement. Typically, the receiving party is also required to notify the disclosing party, so that the disclosing party can seek a protective order or contest the requirement to disclose.
  • Return or Destroy – What Happens To Materials?  The receiving party is typically required to either (1) destroy materials embodying the Confidential Information, or (2) return them to the disclosing party at some point in time. This obligation may arise in a number of ways, for example, automatically upon termination of the agreement, conditionally upon request by the disclosing party, or both.


So even though there’s not a universally-accepted “standard NDA” that would be appropriate for every situation, the core provisions outlined above appear in the overwhelming majority of NDAs, in one form or another.

But you probably noticed that the list above doesn’t include some of the provisions that you’ve seen in many NDAs. That’s because those other provisions are not always necessary or appropriate, they should be considered negotiable, or they tend to disproportionately favor one side or the other (i.e., the disclosing party or the receiving party). In my next post, I’ll outline several of these other provisions that we commonly see in NDAs, and I’ll explain when and how you might be able to use them to protect your intellectual property rights.

NOTE: This article was originally published on Fish & Richardson’s IP Litigation blog.

Michael K. Henry, Ph.D.

Michael K. Henry, Ph.D., is a principal and the firm’s founding member. He specializes in creating comprehensive, growth-oriented IP strategies for early-stage tech companies.