In August, the offices of the federal, Alberta and British
Columbia privacy commissioners released joint guidelines for
organizations considering a BYOD program. "BYOD" or
"Bring Your Own Device" programs which allow employees to
use their own mobile devices for both personal and business
purposes are becoming increasingly popular with organizations as a
method of cost reduction. However, because of the risks associated
with both privacy issues and security concerns, it is important
that organizations ensure they have in place robust policies and
procedures and technical safeguards. Even where mobile devices are
owned by individual employees, organizations remain responsible for
any personal information (both customer/client and employee
personal information) contained on the devices and have an
obligation to ensure that information is safeguarded. And concerns
are not just limited to personal information; organizations have a
very real interest in protecting corporate confidential information
which might be stored on, or accessible through, the devices.
The guidelines provide suggestions for developing and
implementing BYOD programs which provide the necessary privacy and
obtain senior management "buy-in"
conduct a privacy impact assessment and threat risk
develop, implement and enforce an appropriate BYOD policy
pilot test your BYOD program
develop and implement training materials and programs
demonstrate accountability for the information on devices
consider mitigating risks through containerization
implement policies and procedures for storing and retaining
implement and enforce encryption requirements
ensure protection against software vulnerabilities and
manage apps and app configuration
require authentication and authorization prior to granting
access to information
address malware protection
develop a documented incident (both security and privacy
breaches) management process
We expect that the privacy commissioner will rely heavily upon
these guidelines if faced with either a privacy complaint or breach
notification flowing out of a BYOD program. So, you should review
the guidelines prior to implementing any BYOD program and use them
to audit and update your current program. If you want to ensure you
comply, we are available to help.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Alberta is going through a difficult economic period. These times can be challenging and while owners struggle to get their business through the rough patch, they want to preserve the assets and capital they have built up.
Legal issues surrounding contaminated sites affects landowners, developers, realtors, as well as consultants and contractors working on the front lines. This webinar will provide a practical review of how the legislation is actually being used, recent court decisions, challenges with brownfield developments, and future changes.
Who Should Attend: This webinar will be of interest to developers, contractors, environmental and real estate consultants, realtors, owners or lessors of land which may be impacted, and municipalities.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).