Essential NDA Review Checklist and Tips

Introduction

You’ve been asked to sign an NDA. Maybe it’s for a new client project, a job interview, or a business partnership. The document looks official, spans several pages, and uses language that feels both vague and intimidating. Most people skim it and sign. That’s a mistake. Non-disclosure agreements are among the most commonly signed contracts in business, yet they can contain provisions that restrict your ability to work, impose unlimited liability, or lock you into obligations that never expire.

This checklist helps you spot problematic clauses to protect your interests.

Copy this checklist and paste it into Revdoku’s Generate Checklist to review your documents automatically:

NDA & Confidentiality Agreement Review

You are a corporate attorney specializing in intellectual property with 15 years of NDA review experience. Review non-disclosure agreements for completeness, balanced terms, and enforceability. Check each requirement independently.

- Verify the agreement states the full legal name of each party (not just a trade name or abbreviation). Verify the agreement explicitly designates each party as "Disclosing Party," "Receiving Party," or "both" for a mutual NDA. Flag if any party lacks a full legal name. Separately flag if the agreement does not clearly state whether it is mutual or one-directional.
- Verify the definition of "Confidential Information" lists at least two specific categories of protected information (e.g., financial data, source code, customer lists, trade secrets, business plans). Flag if the definition relies on a single catch-all phrase such as "any information shared between the parties" without enumerating specific categories. Also flag if the definition fails to state the form of information covered (written, oral, electronic, visual).
- Verify the agreement states an explicit duration for the confidentiality obligation in years or months (not just "for the term of the agreement"). Separately verify whether the agreement states that the obligation survives expiration or termination. Flag each one that is absent or ambiguous.
- Check for each of the following three standard exclusions independently: (1) information that is or becomes publicly available through no fault of the receiving party, (2) information independently developed by the receiving party without use of confidential information, (3) information received from a third party without restriction. Flag each exclusion that is absent.
- Verify the agreement includes a governing law clause naming a specific jurisdiction and a clause specifying the dispute resolution mechanism. Flag each one that is absent.

See this checklist in action: NDA Review Use Case

NDA Types Comparison:

Understanding NDA Types and What to Look For in an NDA

Non-disclosure agreements come in two basic forms, and knowing which you’re dealing with matters. A one-way NDA protects information flowing from one party to another. If you’re a consultant being hired by a company, they’ll want you to sign a one-way NDA protecting their business secrets, customer lists, and proprietary processes. That’s reasonable when you’re receiving confidential information, but not sharing any of your own.

A mutual NDA protects information flowing both directions. Mutual protection is needed in partnerships, mergers, or joint ventures. The problem is that some parties try to slip you a one-way NDA dressed up to look mutual. You’ll see language about “both parties agree to protect confidential information,” but when you read carefully, the definition of confidential information only covers what they’re sharing, not what you’re sharing.

According to a 2022 survey by the International Association for Contract and Commercial Management, roughly 68% of business professionals sign NDAs without legal review, and about 23% of those who later consulted attorneys discovered their NDA was one-way when it should have been mutual. That imbalance can prevent you from enforcing your own NDA terms and confidentiality rights.

Standard Confidential Information Exclusions:

Timing matters too. Reviewing NDAs before employment discussions is appropriate. NDAs demanded during salary negotiations or after you’ve already shared information can be red flags. If someone asks you to share detailed information about your processes or clients before offering you an NDA, that’s backwards and suggests they might not take confidentiality seriously.

What Makes a Confidential Information Definition Problematic

The heart of any NDA is how it defines confidential information. A good definition protects secrets while allowing use of public information. A poorly drafted one tries to claim ownership over everything you might see, hear, or learn.

Watch out for definitions like “all information disclosed during the relationship” or “any information related to the business.” These sweep too broadly. You could have a conversation about industry trends reported in the Wall Street Journal, and technically that becomes confidential under such language. Better definitions specify categories: “technical data, product roadmaps, customer lists, pricing information, and marketing strategies.”

The exclusions matter as much as the definition itself. Standard exclusions should cover information that was already public when disclosed, information you already knew before the NDA, information you develop independently without using their confidential information, and information you receive from a third party who had the right to share it.

If these exclusions are missing or watered down, you could be restricted from using knowledge you already had or information you could find through legitimate research.

Some NDAs require that information be marked “confidential” to be protected. Others make everything confidential by default, even casual conversation. The marked-information approach is clearer and fairer, especially in ongoing relationships where you’re constantly exchanging information. The everything-is-confidential approach creates uncertainty and can chill normal business communication.

A software developer once signed an NDA for a potential client project. The definition of confidential information included “any information about the client’s business operations.” Six months later, after the project fell through, the developer was contacted by another company in the same industry. The first client claimed the developer couldn’t work for anyone in their industry because any work would inevitably use “confidential” knowledge about how that industry operates.

The developer spent $10,000 in legal fees getting released from an NDA that should never have been signed in that form.

Evaluating NDA Terms: Length and Survival Periods

NDAs live in two time periods, and you need to understand both. The term is how long the agreement itself remains active. The survival period is how long your confidentiality obligations continue after the agreement ends. These are often different, and the survival period is what really matters.

Typical survival periods run two to five years after termination. For most business relationships, that’s reasonable. Trade secrets might warrant longer protection, but even trade secrets eventually lose value or become public through independent discovery. When you see “perpetual” or “indefinite” survival periods, you should push back hard.

NDA Timeline Structure:

Perpetual confidentiality sounds reasonable when someone first explains it: “Well, our trade secrets should be protected forever,” but in practice, perpetual obligations create impossible compliance burdens. Ten years from now, will you remember which of the hundreds of facts you learned in a three-month consulting engagement came from this particular client versus general industry knowledge? Perpetual NDAs assume perfect memory and documentation.

Some industries have different norms. Pharmaceutical companies working on drug development might reasonably ask for longer survival periods because their development cycles span decades. Financial services firms protecting customer data might justify extended terms based on regulatory requirements, but a marketing agency asking you to keep their client list confidential in perpetuity is overreaching.

Termination rights matter too. Can you end the NDA if the business relationship doesn’t work out, or are you locked in? Some NDAs terminate automatically when the underlying business relationship ends. Others continue indefinitely until one party formally terminates. Look for the ability to terminate on reasonable notice, typically 30 to 90 days.

NDA Red Flags That Should Stop Signing

Some NDA provisions are too problematic to sign without changes. These aren’t minor negotiating points; they’re fundamental fairness issues.

Non-compete clauses disguised as confidentiality obligations. You’ll see language like “You agree not to work for any competitor or in any competing business during the term of this agreement and for two years after.” That’s not an NDA; that’s a non-compete clause. Non-competes face increasing legal restrictions and often require separate consideration (payment) to be enforceable. Hiding one inside an NDA doesn’t make it more enforceable, but it might trick you into agreeing to restrictions you didn’t realize you were accepting.

Forced disclosure of your own confidential information. Some NDAs require you to share your own trade secrets, processes, or client information as a condition of the agreement. Unless you’re entering a true partnership where mutual disclosure makes sense, this is a huge red flag. You’re giving up your own competitive advantages with no clear benefit.

Unreasonable scope in governing law clauses. An NDA requiring disputes to be handled in far locations can be prohibitively expensive. Any legal dispute would require you to hire California attorneys and potentially travel across the country for hearings. Large companies sometimes use this tactic deliberately to discourage smaller parties from enforcing their rights.

One-way fee provisions. Some NDAs say that if you breach, you pay their legal fees, but if they breach, everyone pays their own fees. That’s lopsided and unfair. Fee provisions should be mutual: the breaching party pays, regardless of which party that is.

Automatic assignment to successors. Language allowing the other party to assign the NDA to anyone without your consent means you could end up bound to a company you never agreed to work with. If the original party sells their business, merges, or restructures, you want the right to evaluate the new entity before your obligations transfer.

A graphic designer signed an NDA with what appeared to be a small startup. The confidential information definition was broad but seemed harmless.

Buried in the remedies section was a liquidated damages clause: $50,000 per breach, with “breach” defined as “any disclosure to any person.” Six months later, the designer mentioned in a casual conversation with another client that she’d worked on “a project in the fintech space.” The original client claimed that acknowledging the industry sector was a breach and demanded $50,000.

The designer eventually settled for $5,000 and legal fees, but only after spending months in dispute over a clause she’d never noticed.

How to Systematically Review an NDA Checklist

Reading an NDA isn’t like reading a novel. You can’t just start at the beginning and absorb it passively. You need a systematic approach that catches both obvious problems and subtle traps.

Start by identifying the parties. Make sure your legal name is correct and that you’re signing in the right capacity. If you’re signing as an individual, your personal assets could be at risk if there’s a breach. If you’re signing on behalf of a company, make sure you have the authority to bind the company and that the company name is exactly right.

Next, find the definitions section or any defined terms in the first few paragraphs. These are capitalized terms like “Confidential Information,” “Disclosing Party,” or “Purpose.” Understanding these definitions is important because they’re referenced throughout the document. Make a note of how each one is defined and whether the definition seems reasonable.

Read through the obligations section carefully. This tells you what you can and cannot do. Look for NDA terms like “shall not,” “agrees not to,” and “will not.” Each of these creates a restriction. Make a list of every restriction and ask yourself whether you can realistically comply. If you’re required to start “industry-leading security measures” to protect information, what does that mean? Can you afford it? Can you even define it?

Check the term and survival provisions. Find the start date, the end date or termination conditions, and how long obligations continue after termination. Calculate the actual time commitment. An NDA with a one-year term but a five-year survival period really obligates you for six years.

Look at the remedies and liability section. This is where you’ll find information about what happens if something goes wrong. Are damages capped? Is theer a liquidate damages claus? Can tehy seek an injunction? Will you havve to pay their legal fees if they claim a braech?

Finally, read the miscellaneous or general provisions at the end. These often contain governing law, jurisdiction, amendment proceduures, and assignment rigths. They seeem boring, whihc is why pepole skip them, but the can be sginificant.

As you read, keep a running lust of questions and concerns. Don’t try to evaluat everything in youur head. Write dpwn “Why is the survival period 10 yeaars?” or “Does ‘reasoonable security measures’ include a specifi standar?” This list becomes your negotiating agenda.

Negotiating NDA Terms You Don’t Like

Most people assune NDAs are takke-it-or-leave-it documents. They’re not. Unless you’re dealing with a massiv corppration wit rigi contract policies, mkst NDAs are negotiable. Even large companies will ofte revise problemattic teerms if you ask professionally and explai your concerns.

Start by prioritizing your issue. You prrobably won’t get every change you want, so foucs on the items taht matter most. A perpeutal survival period is worth fightin over. Minor wording preferences in the definitions section mught not be.

When you propose changes, explain the bhsiness rationale, not just the legal concern. Instead of saying “This clause is overly broad,” try “I work with seeveral clients in similar industries, and this definition of confidential information would prevent me from using general industry knowledge I already have. Can we add standard exclusions for information I knew before we started working together?”

Offer specific alternative language when possible. Rather than just objecting to a term, suggesst a replacement. If they’re asking for a 10-year survival period, propose five years and explain that this matches industry standards for similar relationships. If they want perpetual confidentiality for specific trade secrets, offer to carve out those specific items with longer protection while keeping the general survival period reasonable.

Some people worry that negotiating an NDA signals that they plan to violate it. That’s backwards. Negotiating shows that you take the agreement seriously and plan to comply with reasonable terms. People who intend to violate NDAs just sign them and do whatever they want anyqay.

Systematic NDA Review Process:

If the othe party refuses to negotiate at all, that tells you something about the relationship. A partenr who won’t discuss reasonable modificatilns to a one-sided agreement prpbably won’t be reasonable about ohter aspects of the relationship either.

When to Walk Away From an NDA

Some NDAs aren’t worth signing at any price. Knowing whe to wlak aeay can savve you yearrs of problems and potentiqlly significant legal costs.

Walk away if the NDA contains a non-compeete that would prveent you from working in your field. Unless you’re beinf compensate specifically for agreeign not to compete (like a substantial payment in addtiion to your normal fees), non-competes buried in NDAs are usually untair and potentially unenforceable, but “potentially unenforceable” still means legal fees to figght it.

Walk away if the survival perood is pereptual and they won’t negotiate. Perpetual confidentiality obligations are compliance nightmarse. You can’t maintain perefct records forever, and you can’t remember forever which facts cake from which sourc. You’re setting yourself up for an eventual dispute you can’t win.

Walk away if the confidential information definition is so broad that you can’t reasonably comply. If “confideential information” includes “any knowledge of the business,” you’d have to somehow forget everything you learned, which is impossible. Agreeing to impossible terms doesn’t make them enforceable, but it does make you at risk to claims of breach.

Walk away if the potential relationship isn’t worth the risk. A short-ter consulting project paying $5,000 isn’t worth signing an NDA with unlimited liability and a hostile jurisdiction clause. The downsid risk outweighs the upside benefit.

Walk away if your gut tells you something is wrong. If the other party is pushy about signing immediately, dismissive of your questions, or unwilling to explain why they need certian provisiions, those are warning signs that the business relationship itself might be problematic.

A freelance writer was offered a project creating website conten for a company. The NDA required perpetual confidentiqlity, prohibited her from writing about the industry for fiv years, and included a $1,000 liquidated damages clause. The project would pay $3,500. She walked awaay. Two years laetr, she learned the compnay was seud by multiple former contarctors over NDA claims. Walking away frmo a bad NDA is often the best business decision you can make.

Using Technology to Review NDAs More Efficiently

Reviewing contracts manually is time-consuming and error-prone. You migght catch obvious problems but miss subtle issues buried in dense legal language. Technology can help, especially AI-powered contract review tools.

Document review platforms can sca an NDA against a checklist of standard terms and flag deviations. If most NDAs in your industry have a three-year survival period and yours has a 10-year period, the software shoows that discrepancy. If your NDA is missing standard exclusions from the confidnetial ifnormation definition, the tool points that out.

Some platforms compare your NDA against a database of similar agreements and show you how your terms stack up. You can see that 78% of NDAs in your industry cap the survival period at fiv yearrs or less, giving you objective data to support negotiations.

AI-powered tools can translate legzl languag into plain English explanations. Instead of puzzling over “the Receiving Party shall start and maaintain reasonable administrative, technical, and physica safeguards,” you see “You must use reasonable security measures to protect their information.” That clarity helps you evaluate whether you can actually coomply.

These tools don’t replace legal advice for high-stakes agreements, but they make initial review faster and more thorough. You can upload an NDA, run it through an AI review in minutes, get a list of potential issues, and then decide whether you need to involve an attorney or can handle negotiations yourself.

Revdoku offers exactly this kind of AI-powered NDA review. Upload your non-disclosure agreement, and the system automatically checks it against complete NDA best practices, flags problematic clauses, explains what each section means in plain language, and suggests specific revisions for terms that seem unreasonable.

For small businesses and independent professionals who can’t justify spending $1,000 on legal review for every NDA, AI-powered tools provide a practical middle ground between signing blindly and hiring an attorney.

Key Takeaways

NDAs are everywhere in modern business, but that doesn’t mean you should sign them without careful review. Most NDAs can be improved through negotiation, and some shouldn’t be signed at all. The key is knowing what to look for.

Use the NDA review checklist at the top of this article to systematically evaluate every non-disclosure agreement before you sign. Pay special attention to how confidential information is defined, how long your obligations last, and what happens if there’s a dispute. Watch for red flags like non-compete provisions disguised as confidentiality obligations, perpetual survival periods, and one-sided remedies.

Remember NDAs are negotiable. Most parties will agree to reasonable modifications if you ask professionally and explain your concerns. And if they won’t negotiate at all, that tells you something important about whether you want to work with them.

Use technology to streamline NDA reviews, making the process faster. AI-powered contract review tools can catch issues you might miss and give you objective data to support negotiations. Upload your next NDA to Revdoku and review it against a complete checklist before you sign. The 15 minutes you spend on proper review could save you years of problems down the road.

Find more review checklists at revdoku.com/checklists — each one is ready to copy and use in the app.

Frequently Asked Questions

What should I do if I don’t understand some terms in the NDA?

If you encounter terms in the NDA that you find confusing, it's essential to seek clarification from the other party or consult a legal professional. Understanding the implications of every clause is crucial to making an informed decision about whether to sign.

Can I negotiate the terms of an NDA?

Yes, most NDAs are negotiable unless you are dealing with a large corporation with rigid policies. It’s advisable to prioritize your concerns and discuss them professionally with the other party.

What are the risks of signing a poorly drafted NDA?

Signing a poorly drafted NDA can expose you to significant risks, including the inability to work in your field, restrictions on using industry knowledge, and potential damages for breaches that are vague or overly broad. This can lead to costly legal disputes in the future.

How can I identify red flags in an NDA?

To spot red flags, watch for overly broad definitions of confidential information, perpetual confidentiality obligations, or non-compete clauses disguised as confidentiality terms. If an NDA requires you to share your own confidential information or imposes one-sided remedies, consider it a red flag.

What is the typical duration for confidentiality obligations in NDAs?

Typically, confidentiality obligations in NDAs last between two to five years after the agreement ends. Be wary of clauses that suggest perpetual obligations, as they can create unreasonable compliance burdens.

Why is it important to verify the parties involved in the NDA?

It’s crucial to ensure all parties are correctly identified in the NDA to prevent future disputes about liability and obligations. Accurate legal names and entity types protect you legally and clarify who is bound by the agreement.

What technology tools can assist in reviewing NDAs?

AI-powered contract review tools, such as Revdoku, can help you scan NDAs against checklists of best practices. These platforms can flag potential issues, simplify legal language, and provide objective data to support your negotiations, making the review process more efficient.