With increasing demands being placed on employee's time and
productivity levels in recent years, there is a growing trend for
employees to be using their own personal electronic devices (such
as smart phones, iPads and so on) as well as other electronic
storage devices to enable them to juggle work commitments outside
of the office – whether it be whilst working at home, or in
between client / customer appointments.
Organisations that embrace this trend seem to be reaping the
benefits of improved staff productivity, increased staff retention
and a reduced environmental footprint, however employers also need
be aware of the potential issues that may arise if the devices
are lost and/or the employee leaves the organisation;
understand that the use of BYO devices presents a greater risk
to your intellectual property – for example, the ability to
switch between use of multiple email accounts for the forwarding of
messages (including the sender) could disguise employee
have a policy basis, and the necessary software, to support
restrictions and monitoring of the use of electronic storage
devices – so you know what is being copied and removed from
have in place measures to minimise potential repercussions
(such as breaches of confidential information and intellectual
property – both of which have been mentioned previously in
What can you do as an employer?
Some measures you may want to consider if your employees
typically use their own personal devices for work purposes
Ensure you have a document management system, or at the very
least, intellectual property management software that records
access, edits, printing, saving and emailing of individual
documents, then consider:
the suitability of restrictions on the ability to send or save
documents, such as a closed document management system;
the use of alerts or a cache of any documents that are saved or
emailed externally, to allow for monitoring;
appropriate updates to policies and contractual provisions
regarding intellectual property, confidentiality, internet and
email policy and social media policy. Remember that when an
employee is fully advised of the extent to which intellectual
property can be monitored, it may deter opportunistic or
retaliatory theft of your intellectual property!
Understand the role that computer forensics may play and what
can be achieved, and then make sure your policies address these
matters. For example, ensure that your email and internet
surveillance policy contemplates the use of an external third party
for monitoring and investigation, and makes it clear that all
online activity, including the use of social media, is subject to
Implement a policy that prohibits the long term storage of
confidential documents on electronic devices and allows the
employer to randomly check compliance, particularly before someone
leaves the organisation;
Require staff to install secure access passwords on all devices
, then ensure that an administrator is aware of those passwords and
can override them, and that passwords are not shared by staff
Ensure access to company systems (email, databases etc) can be
switched off or killed remotely ; and
Most importantly, regularly review and amend your policies,
communicating the updates to staff. This is essential to keep up
with, and address, technological development. For example, do your
policies address the fact that documents can be sent on Facebook,
or uploaded to LinkedIn?
Coleman Greig has a team of dedicated employment, corporate
advice and intellectual property lawyers, who can work closely with
computer forensic experts in this field. If you would like to
discuss these issues further, or require our assistance with policy
update, please give our employment law team a call.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
If an employee makes a claim, the onus of proof is on the employer to prove that an adverse action has not occurred.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”