Intellectual property (IP) can cover a variety of elements, from patents and registered designs to business trade secrets.

It is crucial to the success of your company that you protect your IP, as this can be as important as the products or services you sell – sometimes more so. If your business is based on your IP (for example, a patent), it becomes even more vital to protect it adequately.

The 5 tips below will help you protect your business and enable it to commercially exploit its IP. By following them, business owners will avoid a number of costly problems and pitfalls common to start-ups across all sectors.

1. Get a good understanding of IP

IP is an intangible asset that can make or break your business. It encompasses creations of the mind, including patents, designs, copyright works, and trade marks. IP can be protected through a variety of legal measures that offer recognition and help protect business revenue. If managed correctly with conscious planning, this can safeguard a business’ assets and ensure healthy relationships with clients, partners and competitors alike.

2. How does IP relate to my business?

Whether you are an inventor, creative designer, writer or software developer, your work will often constitute IP. If you seek the appropriate help and protect your ideas, this can work to protect the longevity of your business, prevent competitors benefiting from your IP and give you options to licence or sell your IP rights in the future.

3. How can IP affect my business?

If unprotected, your lead competitor can take advantage of your IP, and potentially take your product to market before you. Speed is everything, meaning you could lose your competitive edge and potential customers, damaging both your reputation and cash flow. Once you have protected your IP, your competitive edge and market share is safeguarded. This gives you a right of challenge, but also the opportunity to sell the IP if your business wishes to step out of the market or diversify.

4. Do I need a trade mark?

If you have niche product, an online business, or have plans to expand your business abroad, securing trade mark protection will protect and add value to your business. An early decision involves where you will trade and under what brand. If you intend to use the same name worldwide, you will need to check its availability internationally and then protect your name, country by country, focusing on your most important markets first.

5. Working with contractors and suppliers

If you collaborate with contractors, freelancers or non-employees on any form of IP creation or development for your business, you should put in place a written agreement which not only describes and records the IP but also states that all IP created belongs to your business. Otherwise, the IP remains with your contractor.

If you need to disclose any confidential information or trade secrets to third party suppliers, either prior to negotiations or upon commissioning work, always have in place a confidentiality agreement beforehand.

With just a year to go until the biggest shakeup of data protection law in 20 years, 25% of businesses and organisations in the UK are unaware of the new legislation and almost half have yet to start preparing for its introduction, according to a survey by Ipsos MORI and Brodies LLP.

The clock is ticking on the introduction of the General Data Protection Regulation (GDPR), which comes into force on 25 May 2018 and will impose strict new rules on the way that organisations collect, store and use personal data. Currently, the Information Commissioner has powers to issue fines of up to £500,000 for data breaches. However, under the GDPR the maximum fine for the most severe breaches will be €20 million (£17 million) or 4% of a business’ worldwide turnover.

The regulation, which replaces the current Data Protection Act 1998, will also herald the end of the pre-ticked ‘opt-in’ boxes that are widely used on websites for marketing purposes. Instead, those handling personal data will be required to seek consent through “affirmative action” from individuals and will have to explain to them how their data will be used, how long it will be kept and how it will be safeguarded.

The survey of private and public sector organisations across the UK carried out by Ipsos MORI on behalf of Brodies reveals a low level of awareness and preparedness despite the risks of non-compliance.

As a first step towards compliance, organisations that handle personal data should carry out an information audit to identify what personal data they hold, where they hold it, where it came from, what they use it for and with whom it is shared. Despite the fact that 74% of the 92 respondents believe the GDPR will have a “high” or “medium” impact on their organisation, 45% of respondents have yet to carry out such an audit and 8% don’t know whether they have.

Positively, when asked about their organisation’s readiness for the introduction of the new legislation, just over two-thirds of respondents (67%) said they were on track for compliance by 25 May 2018, although 11% said they were unlikely to be compliant by then and 17% did not know. Just 5% said their organisations are ready now, a year ahead of the deadline.

The biggest obstacle to GDPR compliance identified by organisations was resource, followed by the need for cultural change, lack of regulatory guidance, budget constraints and lack of clear internal ownership / responsibility for compliance.

Commenting on the survey’s findings, Elizabeth Denham, UK Information Commissioner, said: “Together with government and European authorities, we’ve been reaching out to organisations to help them get ready for GDPR since March 2016, but we know there are organisations which have yet to engage. With one year to go, there’s still time to prepare, but there’s no time to waste.”

High Res- Grant CampbellGrant Campbell, Head of Brodies’ Commercial Services Division, added: “Personal data is the lifeblood of many organisations and, increasingly, how they handle that data is a matter of concern not just to regulators but to us all. Meeting the requirements of GDPR is a regulatory compliance issue but it also protects organisations from brand and other reputational damage and that will be increasingly important if individuals are to trust them with their data and business.

“These survey results show that, for many, there is a lot of work to do if GDPR compliance is to be achieved by May 2018. While 67% of organisations are confident that they will be ready, it is difficult to reconcile that statistic with the finding that over half of organisations have not (or don’t know whether they have) conducted an information audit, which is an essential building block for a compliance strategy.”

To view the results of the Brodies / Ipsos MORI survey, visit: http://brodi.es/GDPR_R3sults.

With a year to go until the General Data Protection Regulation comes into law, the British Chambers of Commerce (BCC) is urging businesses to start preparing to ensure that they are compliant with the legislation when it comes into force.

From 25 May 2018, all businesses that hold personal data will have to guarantee that their data procedures are fit for purpose and compliant with the new regulation.

While the GDPR is an EU-initiative, the UK government has already made it clear that the legislation will still take effect in the UK after Brexit. Businesses that are found to be non-compliant risk potential fines of up to €20 million or 4% of annual worldwide turnover.

Chambers of Commerce around the country are urging their members to start taking the necessary preparations to ensure they are ready for the regulation.

Steps for businesses to take include:
• Document what personal data the company holds, where it came from and who it is shared with. Firms may want to consider organising an information audit or speaking to a data expert
• Review current privacy notices and plan for any necessary changes needed before the implementation deadline
• Check procedures to ensure that they cover all the rights individuals have under the new rules, including how to delete personal data or provide data electronically if needed
• Review how the company seeks, obtains and records consent from individuals, and whether any changes are necessary
• Ensure the right procedures are in place to detect, report and investigate a personal data breach
• Determine whether a Data Protection Officer is required, and designate one if so, to take responsibility for data protection compliance and assess how the role will sit within the organisation.

For more steps on preparing for the General Data Protection Regulation, businesses should revert to the Information Commissioner’s Office checklist.
David Riches, Executive Director at the British Chambers of Commerce (BCC), said:
“Businesses need to be proactive about ensuring they are ready for the new data protection regulations when they come into force this time next year, and not leave preparations until the eleventh hour. Those firms that don’t fulfil the necessary responsibilities leave themselves vulnerable to tough penalties, not to mention public scrutiny.

“With twelve months to go, there are a number of procedures businesses should be reviewing to determine what changes may need to be introduced to be compliant. Businesses that are already vigilant about their data protection responsibilities won’t be unduly burdened by the new legislation.

“The General Data Protection Regulation is intended to reflect modern working practices in the digital age, and will strengthen consumer trust and confidence in businesses. It will establish a single set of rules across Europe, which will make it simpler and cheaper for UK companies to do business across the continent, even after we leave the EU.”

DLA Piper in Scotland has launched a Data Protection Officer Training Academy to help businesses avoid hefty fines when a new data protection law comes into force next year.

The law firm is the first in the country to offer an initiative of this type dedicated to training organisations that collect, manage or handle personal data to mitigate identify fraud and reduce opportunistic cyber-attacks.

During a two-day accredited course, taking place in Edinburgh on 5 – 6 June, senior members of DLA Piper’s global Data Protection Privacy and Information Security group, along with renowned industry experts, will educate and up-skill businesses on new EU law, the General Data Protection Regulation (GDPR), effective from May 2018.

GDPR introduces a stringent new regime for the collection, storage and use of personal data, including severe penalties for misuse. It carries some of the very highest sanctions for non-compliance, including revenue based fines of up to 4 per cent of annual worldwide turnover.

Head of DLA Piper’s Intellectual Property and Technology UK practice, John McKinlay, said: “Compliance with GDPR is going to mean all companies will have to alter their data security practices, with many having to make radical changes to ensure their current policy and protocol is extremely stringent.”

“It will become compulsory for businesses to be able to demonstrate how they comply with GDPR by showing that they genuinely take data privacy obligations seriously. Failure to meet these requirements will mean expensive fines.”

“The new law comes into force in one year, which isn’t long for companies that have to adopt an entirely new data security and management system across the whole organisation.”

The Academy, which DLA Piper also successfully delivered in Brussels and London recently, covers topics including how to reduce the risk of data breaches, what to do if a breach takes place, handling complaints and how to respond to regulatory investigations.

Following the course, participants will be armed with the necessary knowledge of relevant legal, technical and operational skills to successfully fulfil the role of a Data Protection Officer. They’ll also receive a comprehensive toolkit comprising supporting guidance notes and template documents to use in the role.

For more information about DLA Piper’s Data Protection Officer Training Academy including how to attend, contact angela.saunders@dlapiper.com