“Bring Your Own Device” Policies. What to Consider When Monitoring Employee Personal Electronic Devices
Due to the technological progress with its accessibility to personal computers, Windows laptops and tablets – devices owned by employees are saturating modern workplaces. If it is already taken for granted that company owned equipment could be monitored, the situation is not so clear with personal devices usage. Therefore, companies adopt BYOD policies, – sets of “bring your own device” rules, – that include employee monitoring practices.
Bring Your Own Device policies are being developed by modern companies to ensure legal employee monitoring.
When implementing BYOD policy for employee monitoring purposes, it’s important to take into account both: privacy concerns by employees and data security protection by the company.
BYOD Policy Musts
As discussed in the New York Law Journal, Dec. 3, 2012 edition, when implementing BYOD policies and perform legal employee monitoring, companies SHOULD:
Respect employees’ privacy regulated by relevant laws
– Any monitoring policy should identify the types of devices to which it may be applied;
– Another aspect of the BYOD policy is to agree consistent with the company software that could be used on personal devices to perform work responsibilities;
– Not to break any privacy protection law, it is suggested by lawyers to agree with employees not using the same applications for their sensitive information and work projects.
State security measures the company may take to protect its data
– To check whether corporate data is protected while employees use their personal devices at work, its IT department may run a security protocol from time to time;
– Another detail which should not be missed is asking employees to backup their personal information before cooperating with the IT department, to avoid any privacy expectations.
Enumerate definite occasions for monitoring and accessing personal devices
– It is advisable to acknowledge a zone of privacy and a zone of monitoring in a BYOD policy. For example, working hours, employee misconduct investigation, breach of contract, – could be enumerated as occasions for monitoring.
Agree on proper procedures of using a personal device in case the device is lost or stolen
– To prevent unauthorized access, devices must be password protected. Trustworthy passwords could be ensured through password applications downloads provided by the company IT department;
– Moreover, if the work-related device is lost or stolen, employees should notify the company in a given time period.
Well-crafted BYOD policy eliminates privacy expectations by employees.
In general, IT support for personal devices associated with performing work responsibilities and the latest ones’ accessibility for the monitoring purposes, sensitive information non-downloads by employees, negotiated applications’ usage and following all the procedures regulated by the company – are golden musts of any BYOD policy.
Written acknowledgment of employees’ consent to follow BYOD policy, – protect employers right to monitor.
What is more, the BYOD policy developed to perform employee monitoring should not only imply employee consent to employer access to personal devices, but it is also advisable by professional lawyers that employers choose to obtain written acknowledgments from their employees stating the latest have understood the policy, agree to follow it and to give an appropriate access to their personal devices for the employee monitoring purposes.
This article provides general information only. This information is for general understanding only and not to be used as legal advice. To receive professional legal advice, please consult your lawyer.
By WorkTime employee monitoring software www.worktime.com applicable to any BYOD strategy