Your company’s computers, network, data, and other information technology systems form the critical infrastructure that allows your employees to do their jobs and facilitate your ability to serve your customers effectively and efficiently. But while your IT system may be one of your company’s greatest assets, it can also be the wellspring of significant liabilities. Improper or careless use of your computer systems by employees – whether it relates to email and messaging, internet use, or data storage and security – represents existential threats to your company’s operations and viability.
You may not be able to completely prevent employees from opening a suspicious link, sending an inappropriate or harassing IM, emailing unencrypted confidential or proprietary information, or visiting a wildly NSFW website. But a well-conceived, effectively implemented, and consistently enforced electronic use policy can minimize the risks and exposure that can arise from your company’s technology infrastructure.
What Is an Electronic Use Policy?
An electronic use policy, sometimes called an acceptable use or fair use policy, is a set of rules and restrictions issued by an employer that govern how employees can and can’t use the digital technology that the company provides them. Such policies can apply to any aspect of the company’s IT and communications systems, from laptops to cloud storage to company-issued cell phones.
Such policies should be in writing, whether as a stand-alone document or part of an employee handbook. Employers should provide a copy of the policy to each employee as part of the onboarding process and similarly distribute any new or amended policies to the entire workforce whenever issued. Additionally, employers should require that each employee sign an acknowledgment confirming that he or she read and understands the policy and agrees to adhere to its terms or risk termination or other disciplinary action.
What Kind of Restrictions and Guidance Should Be in an Electronic Use Policy?
Your electronic use policy should be detailed and specific and drafted in collaboration with an experienced employment law attorney and IT advisor. At a minimum, a policy should address:
- How employees can use the internet and social media, including limitations on personal use, what can and should not be downloaded or streamed, and prohibitions on accessing, saving, or transmitting sexually explicit, harassing, threatening, defamatory, or discriminatory content;
- Employees’ use of email, including limitations on personal use, the transmission of company data, and encryption and security requirements;
- Data storage and retention;
- Employees’ lack of any expectation of privacy when using company-owned or issued technology, including the content of emails and internet use even if “personal;”
- Limitations on access to specific systems, data, or information; and
- Consequences for violating the policy.
Why Electronic Use Policies Matter to Employers
There are three primary reasons why your company needs a robust electronic use policy:
- Data security. Federal and state laws impose obligations on companies to protect confidential customer information such as credit card numbers and disclose and remediate any breaches or theft of such information if it occurs. Such breaches can lead to civil penalties as well as lawsuits by consumers whose personal information has been exposed. Employees represent a key point of access for hackers or data thieves, whether through an employee’s transmission of information without proper encryption or security or by opening links or downloading programs that include malware, ransomware, or viruses that could cripple the company’s systems and operations.
- Monitoring and deterrence. By making it clear that they can see anything an employee does on company-issued technology, employers can reduce the likelihood of improper use.
- Putting limitations on personal use of technology can minimize distractions, prevent unnecessary slowdowns or system disruptions caused by streaming or large downloads, and increase overall productivity.
Contact Kreis Enderle to Discuss Your Company’s Electronic Use Issues and Concerns
If you want to increase your workers’ productivity, decrease the chances of a catastrophic disruption, and minimize exposure from data breaches, a well-crafted electronic use policy is essential. The business law and employment law attorneys at Kreis Enderle can help you prepare and implement such a policy and provide you with sound, straightforward counsel to protect your company and guide your decision-making. Please contact Thomas Cedoz at TCedoz@kehb.com or (269) 324-3000 to arrange for a consultation.