The first time I spoke with Krishna, I spent most of the call nodding slowly and understanding about 60% of what he was saying.

He was describing his work on a SaaS product built around military-grade encryption technology - the kind of data security infrastructure used by organisations where a breach isn't embarrassing, it's catastrophic. He walked me through the problem space, the user constraints, the architectural decisions that shaped the design direction. It was some of the most technically complex and strategically layered design work I had heard from a designer at his level.

Then he stopped himself mid-sentence. "I probably shouldn't be telling you any of this."

He was right. He had signed a tight NDA. By the time he registered what he had done, he had already described things his employer would not have wanted shared with anyone.

Then came the part I hear more often than I should: "I've basically decided to leave this project out of my portfolio entirely."

That decision - the one that feels responsible, even principled - was actually the bigger problem.

We review portfolios every week. Across our team, that's easily 20 or more a week at any given time. And the NDA issue comes up in almost every cohort - not as an edge case, but as a pattern. Designers sitting on their strongest work because they don't know what they're actually allowed to show. This piece is about the third path between those two mistakes - sharing too much without realising it, or sharing nothing and letting genuinely strong work disappear.

This Is Not a Niche Problem

Researchers estimate that somewhere between one-third and over half of all workers in professional roles are constrained by an NDA or an equivalent confidentiality mechanism. There is no UX-specific number - no survey has nailed it - but you don't need one. Think about where mid-level designers with three to six years of experience actually work: fintech, enterprise SaaS, healthcare, government, defence, large-scale e-commerce with competitive pricing models. These are exactly the industries where NDA density is highest.

If you have been in this field for more than two years and you have not worked under some form of confidentiality constraint, you are the exception. Most designers have. Many are holding back significant work because of it. And if your portfolio is not generating calls despite having strong experience, this is often a major contributing factor - we cover the full picture in why you're not getting UX interview calls.

The problem is not that the agreements exist. The problem is that they are almost never explained to the people who sign them. You get a document, you sign it, and then years later you are sitting in front of your portfolio trying to figure out what you are actually allowed to say.

What an NDA Actually Covers - and What It Doesn't

Most designers treat an NDA as a blanket instruction to say nothing. It isn't. It is a specific legal contract that defines categories of protected information. The problem is those categories are written in legal language, and nobody at the company ever translates them.

What is almost always protected:

Proprietary technology, architecture, or methodology - the specific how behind what the product does
Exact performance metrics - the specific conversion rate, the exact user numbers, the actual revenue figures
Unreleased features, roadmap, or product strategy
Client or user data, including research findings tied to identifiable groups
Competitive intelligence - anything that would materially help a competitor understand the company's position

What is usually not protected:

The general domain or industry the product operates in
Your role, your process, and the design decisions you made
The methods you used - research approach, ideation process, testing, iteration
The constraints you navigated - regulatory, technical, organisational, business
Your reasoning, your tradeoffs, the thinking that led to the final direction

What designers mistakenly hide:

Process artefacts - journey maps, frameworks, research protocols, decision trees
The problem framing - often treated as confidential when it's generic to the domain
Outcomes stated in relative terms - 'significantly reduced drop-off' reveals nothing proprietary
The constraints themselves - 'designing for zero-tolerance error states in a regulated context' is not a secret

The NDA protects the company's secrets. It does not own your thinking. What you noticed, how you framed the problem, what you chose to explore and what you decided against - that belongs to you.

When Krishna went back and read his agreement with this framing, he found that it covered the technology architecture, the client names, and specific performance data. It did not cover the fact that he was designing for a security-critical enterprise context, the process he ran, or the thinking behind the direction. That was more than enough.

The Breach Most Designers Don't See Coming

Most NDA breaches in portfolios don't happen because someone decided to leak confidential information. They happen because the designer didn't know what qualified as confidential.

A designer includes a case study about improving a fintech app's onboarding flow. In the before/after comparison, they include: 'Increased completion rate by 47% by redesigning the risk assessment flow.' They also show the step-by-step logic of how risk profiles are calculated in the UI. Their intent was to demonstrate impact. What they revealed was a proprietary conversion metric and the company's risk assessment methodology. Neither required them to show a single screen.

The sensitive information was not in the visuals. It was in the number and the methodology. Designers fixate on whether they can show the screens because screens are visible. But what actually matters to a company is usually in the specifics underneath - the what and the how that a competitor would find valuable.

There is a level of abstraction at which everything is safe to share. 'I led a redesign of a complex onboarding flow for a regulated industry, reducing drop-off at the highest friction point by a meaningful margin.' That sentence contains nothing proprietary. It tells a hiring manager what they need to know.

The Fear Nobody Names: What If Asking Signals I'm Leaving?

This is the question that stops most designers from doing anything at all. Before they even get to 'what can I show,' they get stuck on: if I go to my manager and ask about my NDA and mention my portfolio, won't they immediately know I'm looking?

Maybe. But the framing of the conversation determines almost everything. 'Can I put this project in my portfolio?' sounds like a resignation conversation dressed in polite language. 'I'm building out my professional portfolio for career development' is a different conversation entirely.

The script that tends to work:

"I've been working on building out a professional portfolio - something I want to keep current regardless of where my career goes. I'd love your guidance on what I can include from [project]. I'm not planning to show anything sensitive - happy to share a draft with you first and get your sign-off before anything goes anywhere."

Three things this framing does: it anchors the conversation in professional development rather than job hunting, it offers the manager visibility and control before they have to ask for it, and it makes 'no' harder to say reflexively because you've already removed the thing they were going to object to.

When the manager just says no - and won't explain why

When this happens, you have three realistic options:

Go narrower. Don't ask to include the project. Ask a more specific question: 'Would it be okay to describe the type of problem I was solving without naming the product or client?' A narrower request is harder to refuse with a blanket no.
Go to legal or HR directly. Your manager is not the legal authority on the NDA - the legal or HR team is. A polite email to HR often gets a more considered response. They are used to this question.
Work around the restriction entirely. Your process artefacts - frameworks you built, research protocols you designed, decision matrices you developed - are your intellectual work product. A process-only case study that never shows product-specific visuals or data does not require sign-off.

Five Approaches - Ordered by What You Actually Need Access To

1. Process-only case study - the one that works when nothing else does

This is what we built with Krishna. No product visuals. No metrics. No client name. What it had instead was a clear articulation of a genuinely hard problem, a documented process of navigating constraints that most designers never encounter, and evidence of a designer who could hold security requirements, compliance constraints, user experience, and business outcomes in the same conversation at the same time.

Where specific detail was protected, the case study said so directly and visibly. Not vaguely omitted - explicitly labelled: [Redacted - specific performance metrics protected by confidentiality agreement]. This matters more than most designers realise. Unexplained gaps read as sloppy work. Labelled redactions read as professional discretion. One says you ran out of material. The other says you know exactly what you are doing with sensitive information - which, at a senior level, is a hiring signal in its own right.

That case study landed Krishna three roles. In each conversation, the hiring manager commented on how clearly they could see his thinking. Not despite the absence of screens. Partly because of it. This is the same principle behind building a business-driven portfolio - when you lead with thinking and impact rather than screens, the signal is stronger.

Best for: Highly restricted industries - defence, fintech, healthcare, government. Strongest signal for senior and leadership roles. No sign-off required.

2. Sanitised case study - modified visuals with a visible disclaimer

If your NDA covers identifying information but not the existence of the work, you can often modify the visuals to remove what is protected while keeping what is relevant. Replace the company logo and branding with a fictional brand. Change UI text that reveals identity. Replace specific data with relative placeholders.

The disclaimer is non-negotiable and it goes at the top: "Branding, naming, and specific data in this project have been modified to protect client confidentiality. The design process, decisions, and structural outcome shown accurately represent the work."

Do not modify the work quietly and hope no one notices. Transparent modification is professional. Silent modification is dishonesty.

Best for: Work where visual output matters for the role you're applying to, and where the confidential element is primarily identity-based.

3. Password protection - selective access without public exposure

Some companies are not comfortable with work being publicly accessible but have no issue with it being shared selectively. In your portfolio entry: 'This project is under NDA. I'm happy to share the full case study with potential employers - please request access.'

One thing to be clear on: sharing a password does not transfer legal responsibility. The work you protect with it should still be appropriately sanitised.

Best for: Agency designers and freelancers whose clients want controlled access. Also works for enterprise designers whose companies are comfortable with selective sharing.

4. Written permission - the option most designers never attempt

The most reliable approach, and the one most designers never try, is to ask for written confirmation of what you can show. Most companies, when approached properly with a clear explanation of exactly what you want to include and exactly what you will exclude, will say yes. The key is specificity.

'Can I put this project in my portfolio' is easy to reject. 'I'd like to include the process documentation - journey maps, the research protocol, and the decision framework - with no product visuals, no metrics, and no client identification. Can you confirm in writing that this is acceptable?' is much harder to say no to.

Written confirmation eliminates legal risk entirely. Krishna got his manager to confirm in writing. Every interview conversation about that project was then clean. And when you get to that interview, knowing how to talk about NDA work with precision is a skill in itself - we cover that in detail in the Round 2 interview piece.

Best for: Any situation where you want to include significant detail or visuals. If you can get it, this is always the right move.

5. Rebuild with a fictional brand

If the NDA is ironclad and you cannot get permission, but the problem-solving capability you demonstrated is something you need to show, you can rebuild the project using a fictional brand and scenario that mirrors the actual constraints you navigated.

This is not fabrication. You are applying genuine thinking - a process you actually ran, constraints you actually navigated - to a fictional context in order to demonstrate real capability. But the disclaimer must be prominent and unambiguous: "This is a redesign exercise using a fictional brand to demonstrate capability developed on a confidential project."

Done honestly, this produces legitimate portfolio work. Done quietly, it is a career-ending misrepresentation. The fictional brand must be clearly fictional. The disclaimer must be at the top, not at the bottom in small text.

Best for: Situations where you need to demonstrate a specific capability and cannot show the original in any form.

If I Only Show Process, How Does Anyone Know I Solved Anything?

This is the sharpest objection to the process-only approach, and it deserves a real answer.

Here is what we see in portfolio reviews week after week: portfolios that show beautiful final screens, impressive metrics, and case studies built around outcomes - and say almost nothing about what the designer actually contributed to any of it. A 40% improvement in task completion is a compelling number. But if I cannot tell from your case study whether you drove that outcome or whether it happened despite your involvement, the number is noise.

The process-only case study does not prove you shipped the solution. It proves something more durable: that you can frame a problem correctly, navigate constraints intelligently, make and defend design decisions, and understand why what you shipped was the right response to the actual problem. Those capabilities transfer. A specific metric does not.

That said, a process-only case study still needs to show directional outcome:

Weak: 'The project was completed and launched successfully.'
Strong: 'The final direction reduced the number of steps in the critical path by consolidating three decision points into one, addressing the core drop-off pattern we identified in research. The constraint was making this work within existing compliance guardrails.'

A case study that shows your thinking clearly is more valuable to a senior hiring manager than a case study that shows a beautiful final screen and a metric with no explanation of how you got there. We see beautiful screens all day. Thinking is harder to fake.

If your portfolio isn't generating calls despite having strong work, the issue may go beyond NDA constraints. We break down the full picture in why you're not getting UX interview calls. And if you want to rebuild your portfolio around business impact rather than just screens, the business-driven portfolio guide covers that end to end.

How Long Should a Case Study Actually Be?

Designers who can't show visuals often compensate by writing more. A lot more. That is almost always the wrong move.

Here is what actually happens when a hiring manager opens a portfolio. The first three to five seconds are visual. If nothing stops them, they are already moving to the next candidate. If something does stop them, they read one paragraph. If that paragraph does not give them a clear problem, a clear role, and a signal that something interesting happened, they skim.

The problem and context should be one to two paragraphs
The process section should be documented in artefacts and decisions - not prose summaries of each research method
The outcome section should be two to three sentences
Total reading time for a case study should be under six minutes

For NDA work specifically: the absence of screens is not an invitation to fill the space with prose. A process-only case study should be tighter than a case study with full visual access, not longer. The artefacts do the work. The writing frames them. And in the current landscape, where AI is reshaping what design hiring looks for, demonstrating thinking depth matters more than ever.

What to Say in the Interview About NDA Projects

The portfolio gets you to the conversation. The conversation is where the NDA comes up again, and where most designers either give away too much or shut down in a way that makes them look like they have nothing to say.

The wrong move is treating the NDA as an impenetrable wall. 'I can't talk about that' with no follow-up tells a hiring manager one of two things: you have nothing interesting to say, or you don't know how to navigate professional constraints.

The right move is precision:

"I can walk you through the full process on this - problem framing, research approach, the key decision points. What I'll stay high-level on is the specific metrics and the technology architecture, which are covered by the agreement."

"The company would prefer I don't identify them, so I'll refer to the context rather than the name - but the design challenge and what I did with it are fully discussable."

"My manager confirmed in writing what I can share, so I'm comfortable walking through the full case study as it appears in my portfolio."

What you are demonstrating in these responses is not just design knowledge. You are demonstrating professional integrity, clarity under constraint, and the ability to handle sensitive information - which is precisely what a senior hire at any serious company needs to be trusted with.

If you're getting to interviews but stalling after that, the issue may be in how you're showing up in conversation more broadly. We cover that in detail in the piece on moving from delivery person to strategic contributor.

One Question Before Your Next Application Goes Out

Is there work sitting somewhere - work you are proud of, work that reflects your actual level - that has never made it into your portfolio because of an NDA?

If yes, it is not gone. It is waiting for a clearer frame. The question is not 'can I show this?' The question is 'what layer of this can I show?' And almost always, the answer is: more than you think.

Three things to do this week:

Pull out the actual NDA for your most protected project and read the specific definition of 'confidential information.' It is more precise than you remember.
Write two lists: what is genuinely protected, and what you have been avoiding out of general caution. The second list is usually longer.
Draft the opening paragraph of a process-only case study for that project - just the problem and the constraints. No visuals, no metrics. See what is actually there.

Most designers who do this find they have significantly more to work with than they thought.

Read Next

If you have NDA work sitting unused - or a portfolio that is not converting into interview calls - both are fixable problems with a specific approach. The Current programme works through portfolio strategy as part of building designers from execution-layer contribution to strategic influence.

Book a free 45-minute strategy call - walk away with clarity on where to focus first.

- Murad, Co-founder & Head of Design, Xperience Wave