Critical Policies for Compliance, Data Security and the Use of Mobile Devices for Work
Information technology has evolved rapidly in recent years, transforming how we work and communicate in the workplace. Smartphones have changed not just how we communicate and conduct our personal lives but how businesses operate as well. While the benefits are vast, employers also face distinct challenges in navigating technology in the workplace. The law has not kept pace with technology, often leaving employers with unanswered questions and unknown compliance issues.
For this reason, employers must take care to develop technology policies that are especially robust and detailed, and make sure to communicate these policies clearly to employees through the company’s employee handbook. When developing their communication and technology policies, employers should always consult with an attorney to clarify legal issues specific to their state and industry. The healthcare industry, for example, has HIPAA, the HITECH Act, and state privacy laws critical to compliance.
The Anthros team works closely with clients to provide customized handbooks that educate employees about the company’s mission and values, set employee expectations, outline company policies, and ensure compliance with state and federal law. When creating your own communication and technology policy, here are a couple areas of concern to consider.
Cell Phones and Bring Your Own Device Policies
Cell phones are at the center of our lives. So what happens when personal cellphones are part of the work landscape? Many of us now have our work email available to us 24/7 through our phones. In many cases we use mobile devices to manage calendars, store documents, and perform other work functions.
The use of mobile communication devices may provide efficiency and open the door to collaboration; it also presents employers with potential legal and security risks. Ultimately, employers are responsible for keeping sensitive data secure. Plus, employers must also address practical questions such as how this affects timekeeping and overtime for non-exempt employees.
How and to what extent will you monitor personal devices being used for work? How will you make sure employees protect sensitive work information? What will you do if an employee’s cellphone used for work is compromised or stolen? Legally, you may monitor personal devices being used for work and require employees to observe specific security guidelines, as long as employees know and consent to these policies. When drafting your policy, it is absolutely necessary to define and communicate to employees what controls and access you as the employer will have.
Many employers are best served by prohibiting the use of personal cell phones for work purposes. However, if mobile devices are necessary for success in your industry, and the benefits outweigh the risks, you should implement an authorization process to document an employee has permission to use a personal device for work and has consented to the company’s personal device use policies.
Today the majority of adults in the United States have social media accounts, and social media has changed how we consume information, communicate, and interact with people and brands. For employers, social media is an important tool in representing their culture and brand to potential clients, customers, and employees. Employers want their employees to use social media to enhance their companies’ brands.
Social media use comes with real risks related to invasion of privacy, sexual harassment, loss of productivity, as well as disclosure of proprietary and confidential information. Your handbook’s social media policy should be very specific about what information employees are prohibited from sharing, and clearly state your anti-harassment, anti-discrimination, and anti-bullying policies apply to all social media activities.
If employees do post content about your business, what guidelines do you want them to follow? It is important people know they are not an authorized company spokesman and their opinions are their own. What about employees posting photos of their coworkers or clients without consent? In your policy, you may also want to encourage employees to utilize internal HR processes rather than social media for resolving problems and complaints. Keep in mind the NLRA applies to communications between employees of all employers, not just union employees.
In addition to cell phone and social media policies, your handbook should also include guidelines for employees using company-owned computers, networks, and communications systems. For more information and guidance about what communication and technology policies should be included in your employee handbook, get in touch with our team.
About the Author
Bill Edwards, Esq., CHC is the Director of Legal Affairs at Anthros and has been practicing law and representing employers in various industries for over 17 years.