This Wisdom of the Crowd, compiled from questions and responses posted in the Small Law Departments eGroup,* addresses whether a company should make executed agreements viewable to a select group of individuals (e.g., executives, legal department) or all employees, as well as foreseeable issues with an open access policy.
*(Permission was received from the ACC members quoted below prior to publishing their eGroup Comments in this Wisdom of the Crowd resource.)
We are a small company. Historically, all employees have had access to all of the company's executed contracts (ie, the contracts are posted on a server to which every employee has access), regardless of whether they are actually involved in the agreement. This does not sit well with me, however, and so I have to ask . . .
Do you limit viewing/access of executed contracts to legal, executives, and others who need to know, or do you make them available to everyone? What problems do you foresee in allowing everyone access? If you have a relevant written policy you might share as well, I'd appreciate it.
Thanks in advance.
Wisdom of the Crowd
In response to a posting that implied that employees outside the legal departments shouldn't have access to executed contracts, I agree that employees without a business need shouldn't have access to contracts. However, the posting described an approach (giving the law department almost complete control over all contracts) that doesn't seem to give employees access to any contracts. While that may work for a company, there can be lots of good reasons for having a central contract repository that provides limited access for employees to access contracts essential to their jobs and that provides an audit trail of who accessed what documents.
1. Is it a good use of your department's time to be finding copies of contracts for everyone in the company? Most companies we work with want to get their legal staff out of having to do that job. Obviously there are some contracts that need to be kept very secure and with limited access, but that's often only a small number of contracts.
2. There can be good reasons why business people need to have access to the contracts they're responsible for. For example, sales people may need to know what's in the contracts with the customers they're responsible for. Procurement people may need to have access to contracts with vendors they're dealing with. Typically it isn't the legal staff that's responsible for managing the relationships represented by those contracts. It's the business people who have to manage those relationships; and having access to the contracts can be essential.
3. Limiting access to the official copies doesn't mean people won't get to see the contracts. They will keep their own copies of contracts they need. What happens when those contracts are amended or extended, and the business person is still working with an out-of-date document they got from legal staff two years ago? A central contract repository should give all employees with a legitimate need access to the most current version of the contract so they have no need to maintain their own copy.
4. Most questions that come up about routine contracts are not legal questions. They are likely to be related to business issues and the day-to-day administration of those contracts. Most of the business people I've dealt with are pretty smart and they've often been involved in negotiating the contracts. And, in my experience, most of them know enough to check with a lawyer when "legal" issues arise.
There are a lot of systems that can allow for business people to have limited access to contracts. One downside can be that someone has to define the access rights and someone has to set up the system to provide the proper access. It's common, for example, to give sales people and sales managers access only to the contracts with the customers they're responsible for. Trying to get too granular in the security rules can be administratively burdensome, but most companies will use role-based or other rules that can be applied by the system to simplify the administration of the access rights. 1
I agree with David. Over time, we have tried various approaches - initially, when we had just a few employees, every employee had access to contracts. We then limited access to only the business and client management folks who dealt with those clients and provided them with an electronic copy of each relevant contract. About a year ago, we limited access to just the legal group because we found we were having issues with version control and business people using outdated copies of contracts for new negotiations. We have found, though, that this approach is also less than ideal. The business people frequently need access to the contracts so legal is tasked with getting the contracts and monitoring their use - not particularly efficient.
We are now in the process of implementing a contract management system (Novatus) and will go back to the process whereby the business people have access to their contracts, but only in the system (and only with viewing rights). This will enable them to review contracts and understand agreements without having to maintain copies in their own folders. Legal will be able to maintain control over the versions and only the most current will be accessible. We are hoping to gain other efficiencies as well.
Good luck. 2
I understand Morvarid's concern and agree with the previous commenters that access to the executed agreements should be limited to the legal department and those business partners with a need to know. There may be some contract documents that contain confidentiality provisions which specifically limit review to those within your entity with a "need to know". In my opinion the legal department should maintain the original executed agreements for purposes of document retention, confidentiality and litigation. However, I agree that there are certain business clients that will need access to the agreements (though not the originals) and that can be achieved through limited access to a contract management database as described previously. 3
I'm curious as to what you consider an "original executed agreement" and if you're actually getting and keeping original, signed physical copies of contracts on a regular basis. That would be surprising to me because it's been a long time since I saw a contract that was fully executed by both parties with ink signatures and distributed as a physical document. I think that's becoming a fairly rare thing. As far back as I can remember, all of our contracts, at least with US-based parties (and with some very limited and specific exceptions), are either:
1. Executed in DocuSign, with no paper ever being created; or
2. Printed and signed in ink by each party separately, scanned to pdf, and emailed to the other party.
If we were to get a paper "original" signed agreement from someone we would scan it to pdf and likely not keep the physical document. In other words, what we end up with as our "executed original agreement" is either a pdf we and the other party can download from DocuSign or a pdf that essentially has pictures of each party's' signature. There's rarely any exchange of paper, and our "official" pdf copies are kept in the contract management system with access limited on a need-to-know basis. Document retention is also managed in the contract management system.
Maybe there's a reason you need to keep paper copies of some documents, but in my opinion there are a lot of advantages to going paperless and not retaining physical copies of the small number of documents that are actually executed and distributed on paper. 4
By "original executed agreement" I do mean "wet signatures". I have found wet signatures and paper copies to still be common place but certainly trending downwards. I definitely agree that there are advantages to going paperless (cost and ability to track being high on the list.) If the documents are not maintained in a paper format then it would just be a matter of limiting the electronic access to those individuals with a need to know. 5
We have access limited to those with a need to know. Read only access is granted to the file location for those people. Additionally, we have a CRM where we keep a copy of the document, and only those who have access to the CRM can access this (same need to know group). 6
Good comments posted so far. Let me add a bit of wisdom. If EXECUTED contracts are made available to employees, even with a need to know, your pricing, SOWs and other trade secrets and proprietary information should be found in attachments that are not accessible to anyone but a very few-and access thereto ought to be subject to a more stringent approach. Your CRM and other contracts database should give the option to limit attachments to even a more limited pool.
In fact, I set up a procedures where contracts templates where available to anyone, including third parties, on the web, executed contracts were available to employees with a need to know, and certain riders and exhibits were subject to major access restrictions.
AND always remembers that some clients may add provisions in the contract that may make such contract confidential and or a trade secret-with higher protections levels so be careful. 7
1 David Munn, General Counsel, Pramata Corporation, Minneapolis, Minnesota (Small Law Departments, March 25, 2014).
2 Jennifer Hoopes, General Counsel, Foreside Financial Group, LLC, Portland, Maine (Small Law Departments, March 26, 2014).
3 Sonya Springer, Senior Counsel, American Red Cross, Washington, D.C. (Small Law Departments, March 27, 2014).
4 David Munn, General Counsel, Pramata Corporation, Minneapolis, Minnesota (Small Law Departments, March 27, 2014).
5 Sonya Springer, Senior Counsel, American Red Cross, Washington, D.C. (Small Law Departments, March 28, 2014).
6 Rebecca Parker, Corporate Counsel, Informa Research Services, Inc., Calabasas, California (Small Law Departments, March 26, 2014).
7 Eduardo Roman, Corporate Counsel, Cape Coral, Florida (Small Law Departments, March 26, 2014).