Sponsored When Did You Last Review Your Company or Client’s Bring Your Own Device to Work (BYOD) Policy?

Practical Law Intellectual Property & Technology and Labor & Employment

As illustrated by the anticipated debut for the iPhone 7, smartphones are still as popular as ever. As smartphone, tablet and other mobile technology use rises, employees are performing more and more work from their own devices. This advancement has increased productivity, flexibility and job satisfaction while lowering companies’ technology costs.

However, the increased use of personal devices at work may raise concerns for employers in several areas, including:

  • Data protection and security
  • Employee privacy
  • Theft or loss
  • Non-exempt employee usage
  • Employer liability for employee misconduct, such as discrimination or harassment.

Issues to Consider When Reviewing a BYOD Policy

Data Protection and Security

Attorneys and their counsel should ensure that BYOD policies implement device security measures to protect company data and confidentiality. Appropriate security measures may include, for example:

  • Requiring complex password protection
  • Restricting access to particularly sensitive company data
  • Installing encryption software and software that allows the company to remotely wipe the device in the event of loss or theft.
Employee Privacy

The BYOD policy should clearly define employees’ expectations of privacy on personal devices used for business purposes. Companies may choose to eliminate an employee’s expectation of privacy.

Theft or Loss

The BYOD policy should include strict procedures requiring employees to immediately report a lost or stolen device. Employees should also be aware that the company will wipe the entire device, if lost or stolen, to protect against data theft and intrusion.

Non-exempt Employee Usage

Attorneys and their counsel should ensure the BYOD policy prohibits off-the-clock e-mail access and work by hourly (non-exempt) employees on personal devices unless authorized by a supervisor.

Employer Liability for Employee Misconduct

If an employee uses his personal device to send harassing e-mails, even outside of work hours, it could create liability for the employer. Attorneys and their counsel should review the company’s BYOD policy to ensure it includes instructions on appropriate use and notifies employees that the company’s policies prohibiting harassment, discrimination and retaliation apply to the use of all devices under the BYOD policy.

In this era of ever-evolving technology, attorneys and their counsel should periodically review and update their BYOD policy, particularly the key provisions outlined in this article.

About the Author

Practical Law provides legal know-how that gives lawyers a better starting point. Our expert team of attorney editors creates and maintains thousands of practical resources across all major practice areas. We go beyond primary law and traditional legal research to allow you to practice more efficiently and improve client service. For a sample Bring Your Own Device to Work (BYOD) policy with helpful drafting notes—and much, much more—request a Practical Law free trial today!

(Feature Image Credit: ShutterStock)

Send this to friend