We're celebrating 10 Days of Membership! Today's Gift: $20 off your professional membership with promo 10DAYS20OFF
Training, policies and tools to help HR prevent and respond to harassment claims.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Develop your HR competencies and knowledge in-person in 12 U.S. cities or virtually.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Allowing employees to use their own mobile devices for business purposes has many benefits, but the practice doesn’t come risk-free. There are data confidentiality, security and privacy issues that managers must consider before implementing bring-your-own-device policies, says Philip Gordon, chair of the privacy and data protection group at Littler Mendelson, a Denver law firm.
Gordon says organizations should require participants to sign a legal agreement. Provisions might include the following:
The company is permitted to install a package of technical safeguards on dual-use mobile devices that employees can’t modify. Those protections might include data encryption, remote “wipe” capability to destroy information on the device if it’s lost or stolen, automatic lockdown of the device after short periods of inactivity, and password protection.
The employee’s device will be subject to monitoring when connected to the corporate network, and employees will provide access to the device if needed as part of any government investigation or litigation. This clause should note that the company might incidentally gain access to personal information.
“If employers don’t first obtain employee consent … they are at risk of either an invasion of privacy claim or a computer trespass claim,” Gordon says.
The employer can remove any company information from the personal device when the employment relationship ends. “If the employee doesn’t cooperate, the agreement should state that an employer can then activate a remote wipe command,” Gordon says.
The author is a freelance writer and editor in Minneapolis.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Become a SHRM Member
SHRM’s HR Vendor Directory contains over 3,200 companies