You have an NDA. That is the easy part. The hard part is having an NDA that actually works when you need it.
Most businesses treat non-disclosure agreements as a checkbox — something to sign quickly before a meeting or partnership discussion. But a poorly drafted NDA is worse than no NDA at all. It gives you a false sense of security while leaving your most valuable information unprotected.
Here are the seven most common NDA mistakes — and how to avoid every one of them.
1. Defining Confidential Information Too Broadly
The single most common mistake. Language like "all information shared between the parties" sounds comprehensive, but courts routinely reject it as too vague to enforce.
The problem: If everything is confidential, nothing is confidential. A judge needs to determine exactly what information was protected and whether it was actually disclosed under the agreement.
The fix: Be specific. List categories of confidential information — trade secrets, customer lists, financial projections, product roadmaps, source code — and include a catch-all clause for "other information clearly marked as confidential." This approach gives you both breadth and enforceability.
2. Missing a Clear Duration
An NDA without a defined term is an invitation for dispute. How long do the obligations last? One year? Five years? Forever?
The problem: Courts in many jurisdictions will refuse to enforce an NDA with no end date or an unreasonably long term. Meanwhile, the receiving party has no clarity on when their obligations expire.
The fix: Set an explicit term — typically 2 to 5 years for most business relationships. For trade secrets, include a survival clause that extends confidentiality obligations beyond the agreement's expiration for as long as the information qualifies as a trade secret under applicable law.
3. No Exclusions for Public Information
Every enforceable NDA needs carve-outs. Without them, the receiving party could be bound to keep secret information that is already widely known.
The problem: If your NDA does not exclude publicly available information, independently developed information, and information received from third parties without restriction, a court may void the entire agreement as unreasonable.
The fix: Include standard exclusions:
- Information already in the public domain
- Information the receiving party already knew before disclosure
- Information independently developed without reference to confidential materials
- Information received from a third party with no confidentiality obligation
4. Weak or Missing Remedies Clause
What happens if someone violates your NDA? If your agreement does not say, you are starting from scratch in court.
The problem: Without a remedies clause, you rely entirely on the court to determine appropriate relief. This costs more time and more money, and it produces less predictable outcomes.
The fix: Specify that the disclosing party is entitled to injunctive relief (a court order to stop the breach immediately) in addition to monetary damages. Include a clause acknowledging that a breach would cause irreparable harm not adequately compensated by money alone — this makes it significantly easier to obtain an emergency injunction.
5. Forgetting the Return-of-Materials Clause
After the business relationship ends, what happens to all the documents, files, and data that were shared?
The problem: Without a return-of-materials clause, the receiving party has no legal obligation to return or destroy your confidential information. They could retain copies indefinitely.
The fix: Include a clause requiring the receiving party to return or destroy all confidential materials — including copies, notes, and derivative works — within a specified timeframe (typically 10–30 days) after the agreement expires or upon written request. Require written certification of destruction.
6. Using the Wrong NDA Type
A mutual NDA when you only need one-way protection. A one-way NDA when both parties are sharing information. The wrong type creates either unnecessary risk or unnecessary friction.
The problem: A mutual NDA in a hiring context means the contractor's information receives the same protection as yours — which complicates your ability to enforce restrictions. A one-way NDA in a partnership discussion signals distrust and can derail negotiations.
The fix: Match the NDA type to the relationship:
- One-way (unilateral): Hiring contractors, pitching to investors, employee onboarding
- Mutual (bilateral): Partnerships, joint ventures, M&A discussions, vendor evaluations where both sides share proprietary information
7. No Jurisdiction or Dispute Resolution Clause
If a breach happens, where do you file suit? Which state's laws govern the agreement? Without answers to these questions, you could spend months just arguing about logistics.
The problem: In cross-state or international business relationships, the absence of a governing law clause means either party could argue for the jurisdiction most favorable to them. This adds cost, delays enforcement, and introduces uncertainty.
The fix: Always specify:
- Governing law: Which state's laws apply to the agreement
- Jurisdiction: Which courts have authority to hear disputes
- Dispute resolution: Whether disputes go to litigation, mediation, or arbitration — and in what order
For most businesses, choosing your home state's laws and courts is the simplest approach.
The Bottom Line
An NDA is only as strong as its weakest clause. These seven mistakes are not edge cases — they appear in the majority of template NDAs downloaded from the internet.
The good news: every one of them is fixable. A properly structured NDA with specific definitions, clear terms, standard exclusions, and strong remedies will hold up when it matters.
Ready to create an NDA that actually protects your business? Contract.diy generates jurisdiction-aware NDAs with all the essential clauses built in — no legal background required.