Legality of Accessing Personal Devices
Your company can manage the risks associated with BYOD by adopting policies and agreements that fit your risk tolerance, trust assessment, and regulatory context, says Chapman, who is an associate with DiMuroGinsberg in Alexandria, Virginia and a contributor to Virginia Employment Law Letter.
However, she adds, the only way to guarantee your right to access all information on a device is to own the device. In 2010, the U.S. Supreme Court held that employers have the right to access all communications on corporate-issued devices.
However, the Court didn’t address a company’s right to access information on personal devices. Therefore, there’s inherent risk in a BYOD policy for employers who want to have access to all communications and data on personal devices used by their employees, says Chapman.
Mitigating Security Risks
The content of your BYOD policy (or your choice to forgo a policy) should be decided by thoroughly analyzing the following, Chapman says:
- The sensitivity of the information your employees handle
- The inherent security concerns in your industry
- The legal regulations you face
- Your ability to oversee and manage the use of such devices
What are your competitors offering workers these days? Check your state’s edition of BLR’s exclusive Employee Compensation in [Your State] program to find out. Try it at no cost or risk.
If you decide to implement a BYOD policy, here are some important things to consider:
- Initiate a “wipe” policy. Require your employees to download software that allows you to remotely access and wipe devices. That provides protection if devices are lost or stolen. Additionally, there are software programs that can sequester work-related information into a software “sandbox,” creating a virtual folder in the personal device.
- Require written agreements. Once you locate software that fits your needs, have your employees sign a written agreement that discloses all risks associated with the software (such as information loss) and requires them to download it onto any device that will be used to access work-related information.
- Make the privilege exclusive. Allow only certain employees to have the privilege of using personal devices (exclude personnel who frequently handle sensitive data or personally identifiable information). Further, limit the type of information that’s accessible from a personal device (e.g., e-mail).
- Make device inspection a part of the exit interview. Have employees consent in writing to have their devices inspected at exit interviews. Also, obtain permission to remotely wipe the device of any terminated employee.
- Don’t allow employees to store corporate information on personal devices. Have them sign a written agreement that they will not store any corporate information on their personal devices.
- Require employees to produce their devices for inspection. Have them sign a written agreement that they will turn over their personal devices for inspection upon a legitimate request.
BYOD Bottom Line
Although dual-use devices have resulted in difficult legal and security issues for employers, you can mitigate the risks by implementing a properly crafted policy and using privacy software, Chapman says.
However, because the law on this issue is not settled, before creating a BYOD policy you should contact an attorney to be sure that you fully understand all risks involved in such a policy, Chapman says.
From personal device rules to pay structures, compensation offers a new challenge every day. Comp managers need a go-to resource. For more than 20 years, many experienced comp pros have relied on an extraordinary program from BLR.
In fact, thousands of managers have put their faith in Employee Compensation in [Your State]. The [Your State] refers to the fact that a separate edition is published for each of 43 U.S. states, plus the District of Columbia. So if you live in Illinois, Employee Compensation in Illinois is the reference you receive.
Don’t trust national salary data when you can have data specifically for your state and region. Find state data on hundreds of jobs in BLR’s famed Employee Compensation in [Your State] program.
Each edition of the Employee Compensation in [Your State] service contains these key elements:
–Recommended Rate Ranges localized for your state and region for hundreds of jobs, based on surveys and official data. You shouldn’t pay the same in Manhattan, Kansas, as you do on Manhattan Island in New York. This program makes sure you don’t.
–A to Z State and Federal Law Comparisons. Comp and benefits are regulated by a tangle of laws. Employee Compensation offers an alphabetically arranged set of practical analyses on how to comply. Look up "ERISA" or "Overtime" or "Workers’ Compensation" and you instantly have a plain-English explanation of how the controlling laws—state and federal—apply to you.
–A Full Job Descriptions Program. Employee Compensation offers a complete tutorial for setting up a job descriptions program. Many ADA-compliant sample descriptions are provided, ready to copy and use.
–Employee compensation and benefits surveys. BLR’s exclusive survey data come from thousands of organizations just like yours. You get three surveys: exempt compensation, nonexempt compensation, and employee benefits.
–Free newsletter and updates. The Employee Compensation newsletter helps keep you on top of new state and federal compensation and benefits laws. Six updates throughout the year keep your book current with all new compensation laws.
–Complete wage and salary administration guidance. Walks you through the entire compensation process with step-by-step instructions for analyzing and pricing jobs, writing job descriptions, employee compensation policies, and more.
Use the links below to see samples of the program and newsletter, as well as a full table of contents of what’s included.
The program is priced affordably for small companies as well as large, at only a few dollars a day. That’s coffee money for just about every form of information most managers need to run a competitive and efficient comp/benefits program.
You can check out the entire program in your own office for up to 30 days, with no need to buy. (We even pay return postage.) Just click the link below, and we’ll be happy to set things up.
Start a no-obligation free trial
Download product sample
Download sample newsletter
Download Table of Contents
The problem is that having the right to access the phone doesn’t mean the employee won’t misuse corporate information, intentionally or not.
This is an interesting article with regard to BYOD and policies concerning them. Is there something similar with regard to use of cell phones? Should this policy extend to temporary and contract workers?
There is an increase in the use of cell phones and smartphones these days as universal devices for routine life activities. They’re replaced watches. They are commute entertainment. They’re research tools when the kids are sick and we need a quick answer rather than pull down on insurance (or lack of) medical information.
For the temporary or contract worker, they serve to let information through about a potential new situation when the current one is about to end.
Perhaps the answer is a smartphone left in a locker and a cell phone with limited functions that can be used at the desk.