Legal Solutions | USA
Use of information and communications technologies is deeply embedded in businesses of all sizes today. Employees of those businesses are routinely expected to use smartphones, computers, electronic mail, and social media as they execute their job duties. In this highly active digital work environment, companies and other organizations must develop policies, practices, and procedures that support effective management of employee use of advanced computing and communications technologies in the workplace. Failure to manage employee use of those technologies effectively can result in significantly higher business risks and costs, along with reduced overall profitability.
Information and communications technologies have a direct and significant impact on the process of recruiting and hiring new employees. For example, organizations now commonly make use of online resources such as blogs and social media posts to obtain background information regarding potential employees. Integration of electronic media content into background checks for employment candidates is permissible and prudent, however, review of a potential employee's digital footprint should not be unreasonably intrusive. Thus, although it is entirely reasonable for a potential employer to search and review a job candidate's social media posts and blog commentary in order to understand that individual's personality, experience, and character more accurately, it is not reasonable for the hiring organization to try to compel the candidate to disclose passwords and other access information for restricted online content or to obtain additional electronic information on the candidate through deceptive or misleading methods.
When recruiting new employees, an organization's online reputation is extremely important. Potential employees often place great emphasis on electronic postings by current and former employees when evaluating the quality of an employer. Accordingly, all hiring organizations should be mindful of their online reputation as an employer and should take clear and consistent steps to maintain the quality of that reputation.
A critical set of employee management issues is associated with use of digital devices and equipment for work purposes. All employees should be trained with regard to appropriate use of the computing and communications systems provided by the employer. Policies, practices, and procedures for appropriate use of employer-provided computing and communications resources should specifically address critical issues such as computer and data security, information management and privacy, use of software (including apps) provided by outside parties, shared computing resource use (e.g., file-sharing), mobile communications, and control of content disclosure and communications.
Employees should be given guidance on issues associated with communications and content disclosures. For example, each organization should implement policies governing employee use of communications systems such as email, blogs, and social media. Employers cannot impose broad limitations on the ability of their employees to express their opinions and beliefs in electronic media and systems. Employers can, and should, however implement policies, practices, and procedures that restrict employee conduct with respect to secret and proprietary materials and information (e.g., trade secrets, customer lists, restricted information), regulated content and communications (e.g., materials governed by export controls, privacy restrictions or Securities and Exchange Commission rules addressing release of certain financial and investment information), and illegal activities (e.g., harassment or stalking).
The ability of organizations to manage electronic records and data collections effectively also plays a critical role in overall employee management. For instance, ensuring the security and privacy of employment and personnel records and data of employees should be a critical aspect of each organization's data security and information privacy systems. News headlines frequently describe data security breach incidents that result in unauthorized access and use of personal data (e.g., Social Security Numbers) of employees held by their employers. Each organization should exercise special care to minimize the risk of data security breaches involving employee records and information. Personal employee data held by employers is an attractive target for data thieves and other malicious parties, and the security of that material is a significant obligation of employers.
A digital employment issue of increasing significance is oversight of employee use of computer and communications equipment owned by the employee but used within the scope of employment duties. This environment is frequently referred to as the “bring your own device” (BYOD) approach to computing and communications resources. Instead of providing smartphones or tablet computers to staff, some employers permit, or even encourage, employees to use their own devices for their job duties.
The BYOD strategy raises significant management challenges. Perhaps most significant of these challenges is the blending of personal and work usage and activities the BYOD approach permits. In that mixed use environment, it is very difficult to enforce key policies and practices such as security and content controls. Additionally, recent action in the California state courts indicates that California labor law is now interpreted to require employers who permit BYOD to provide some form of fair compensation to their employees in order to defray some of the costs incurred personally by the employees for access to and use of the computer and communications services they obtained personally but used in part of work purposes. If this view is adopted in other jurisdictions, employers will find that their costs associated with the BYOD approach will likely increase.
Organizations should implement and maintain effective policies, practices, and procedures to protect their interests as employees leave their positions in the digital environment. A critical issue associated with employee departures is confidentiality. Terms of employment should include requirements of confidentiality for employees that extend beyond the term of their employments. Departing employees should always be specifically reminded of their continuing confidentiality obligations.
At departure, employees should also be required to account for and return all computer and communications equipment and devices that have been provided to the employee by the employer. The employer should also make sure that the departing employee's access to the employer's computer and communications network, systems, services, platforms, devices, and accounts, including email and social media systems, are properly terminated.
It is also important to make sure that the departing employee is not withholding any information which could affect the operational quality or effectiveness of the organization's networks or digital content. For example, there have been incidents where a departing employee who was the only staff member with knowledge of key computer passwords and other access and system operational information (e.g., expiration dates of Internet domain name registrations) withheld that information upon departure from the organization, resulting in major operational issues for the organization.
The extensive integration of information and communications technologies and services into the operations of businesses of all sizes in all fields has forced those enterprises to address digital management issues in all facets of relationships with employees. When recruiting and hiring staff, managing current employees, and processing employee departures, organizations must effectively bridge their employment policies, practices, and procedures with those associated with technology use, digital content management, and electronic records integrity. In the digital society, employment relationships must recognize and effectively account for the pervasive impact that communications and computing technologies and services have on the ways in which employers and their employees interact.