Practice ‘Bring Your Own Device’? Here’s How to Avoid Legal Trouble

more+
less-

This article was originally published on April 8, 2014 as a guest post on Technical.ly. Technical.ly is a network of local technology news sites and events, including Technical.ly Philly and Philly Tech Week, Technical.ly Baltimore and Baltimore Innovation Week and Technical.ly Brooklyn. The news site features voices from a broad community of people using technology to make cities better.

The "Bring Your Own Device" (BYOD) trend has risen dramatically in the last year, but with its increased use comes risks that employers and employees are not equipped to manage. Employers should practice the following in order to avoid unnecessary legal implications.

The illusion of privacy in the ever-changing world of technology is a growing issue for businesses and startups. Trends such as big data and BYOD (Bring Your Own Device) present increased compliance risks that employers and employees may not be ready to handle.

As part of Philly Tech Week 2014, Pepper Hamilton‘s Emerging Growth Practice Group – which provides legal counsel to entrepreneurs, startups and early stage companies – is hosting an event called “BYOD – Bring Your Own Device: Liability and Data Breach Sold Separately” on Tuesday, April 8, from 10:00 a.m. to 12:00 p.m.

Pepper Hamilton also hosted an event called “Between You, Me and Mark Z.: The Illusion of Privacy in Social Networks and What My Company and I Can Do About It.”

The “Bring Your Own Device” (BYOD) trend has risen dramatically in the last year, but with its increased use comes risks that employers and employees are not equipped to manage. Employers should practice the following in order to avoid unnecessary legal implications:

  • Know Your Data. Companies should be aware of the type of data – particularly regulated data like health or financial information – that can be stored on or accessed by employees on their mobile devices and whether or not it can be transferred to cloud-based file-sharing applications.
  • Know Your Employees. Companies should know and keep track of which employees really need access to sensitive company data from their mobile devices and what use such employees need to make of the data. It is also important to ascertain which of those employees are entitled to overtime payments.
  • Tell Your Employees. It is important to devise a clear BYOD policy, which will preferably be a stand-alone document. The document should clearly address issues, including the following, and will seek the employees’ consent for the provisions:
    • who is eligible to the program and entitled to bring their own device
    • regulated data on mobile devices should be handled as sensitive and confidential information
    • have strong security measures on the mobile phone (strong password, encryption and segregation of data)
    • end-of-term policy – return of the device and remote wipe of the information
  • Train Your Employees. The force and effectiveness of a BYOD policy should be integrated and maintained through employees’ continuous training of the provisions within the policy as well as the privacy and data security aspects underlying the policy.

Topics:  Bring Your Own Device, Employer Liability Issues

Published In: Labor & Employment Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Pepper Hamilton LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »