Policy Regarding Vendor Confidentiality and Non-Disclosure Agreements

Hyperion Research’s business depends not only on the free flow of information and opinion, but also on our ability to be responsible stewards of confidential information. On occasion vendors and clients ask Hyperion Research to agree to Confidentiality or Non-Disclosure Agreements (NDAs) before communicating information they regard as confidential. This policy discusses the typical situations in which our analysts may be asked to enter into NDAs, and the policy and process for dealing with such requests.



Hyperion’s policy is not to enter into NDAs for vendor briefings, as we want our analysts to be able to freely use and write about the information they collect outside of contractual client services – just as in the news industry, everything is “on the record.” This is distinguished from client service-related work, including vendor information received in the context of a client engagement, which is subject to strict protections of confidentiality.

We will consider exceptions to this policy for specifically identified information that a vendor believes is particularly sensitive, yet important to understand the context of a product, service or other aspect of the vendor’s business. Such confidential disclosures should be as narrow as possible, and must be specifically identified. When such an exception is made, only Hyperion’s NDA agreement may be used, as it enables Hyperion to limit the scope of the NDA to specific information imparted during the vendor briefing. Alternatively, the analyst and vendor may postpone the Vendor Briefing until all parties are able to resolve sensitivities.



During the course of a Vendor Briefing, vendors occasionally ask the participating analyst(s) to verbally agree not to disclose certain information deemed confidential. If an analyst agrees to receive information based on such a verbal agreement – “off the record” information – it is critical for the vendor to specifically identify the information deemed to be confidential. Any such verbal commitment will be valid for a maximum of thirty (30) days following the briefing, unless specifically identified in writing to be included and subject to a previously executed NDA.



A common aspect of advisory service engagements is the use of NDAs. Confidentiality provisions of our engagement letters typically include confidentiality and non-disclosure provisions. If in the course of an engagement, a vendor wishes to either modify or put in to place a specific NDA, it is considered the vendor’s responsibility to make the request. Hyperion will enter into an NDA with a vendor for a specific advisory service engagement for a maximum one year term.



Confidential client information exchanged during a service engagement is covered under the confidentiality terms of the Master Client Agreement. An additional confidentiality agreement is unnecessary, and will not be entered into. It is the client’s responsibility to identify information as confidential.



The following are Hyperion’s best practice guidelines to help ensure proper procedure for confidentiality and NDAs:

  • Our goal is to always respect confidential information; therefore, information considered confidential should be specifically identified and described in writing;
  • Submit confidentiality or NDA requests well in advance of their needed date so that they can be properly reviewed, paperwork completed and signatures attained;
  • Read and understand the terms of confidentiality or NDA, including all individuals who are subject to the restrictions;
  • Verify that an NDA contains all parties’ signatures, and retain a copy for future reference; signatories should have proper signature authority;
  • Ensure that NDA expiration dates are properly noted and respected;
  • Written information, either in hardcopy or electronic form, should be clearly marked “confidential”;
  • Information is not confidential simply because it is marked confidential; public information or information otherwise available through non-confidential sources will not be considered confidential, even if it is claimed to be confidential. For example, information that you also publish on your public-facing website is, by definition, not confidential;
  • Verbal communications considered confidential should be limited; in the case where verbal communication is considered confidential, both the provider and receiver should actively acknowledge that the information is considered subject to confidentiality or an NDA;
  • Vendors should be aware that the Vendor Briefing Process is generally not subject to confidentiality or NDA.