Tom Cedoz

Checklist · Labor & Employment

The Departing Employee: Protecting the Business on the Way Out

When someone with the keys gives notice — especially headed to a competitor, a customer, or their own new venture — the decisions that matter most get made in the first few days, often before anyone is thinking about litigation. The sequence below front-loads the steps that cannot be undone later.

Updated June 2026· 20 items· Prints to 2 pages

Triage: who is this, and where are they going?

Not every resignation needs this playbook. Run it when the person had real access — to trade secrets, source code, pricing, customer relationships, or sensitive systems — and the destination raises questions. The risk is highest when the move is to a direct competitor, to a customer, or to a venture the person is starting. Decide the tier in the first hours; it sets how much of what follows you actually do.

Preserve before you touch anything

This is the phase that gets skipped under time pressure and cannot be recovered. The forensic window is short, and routine IT hygiene — reimaging, reassigning, wiping — destroys the best evidence you will ever have.

Investigate the access

The question is narrow: in the final weeks, did this person move company information somewhere it should not be? Most of the answer lives in the artifacts you just preserved.

Manage access and secure the relationships

Two competing pressures: cut off access before anything else walks out, but not so abruptly that you tip off a person you are still quietly investigating. Plan the timing deliberately.

The exit conversation and what follows

The thing behind the thing

Image first, investigate second. A reissued or wiped laptop is destroyed evidence — and in most trade-secret cases the single most valuable proof of what left and why lives in the departing employee’s own download history, USB log, and sent mail. Lose that, and you are litigating a hunch.