As a young lawyer (yes, I know that was a LONG time ago), I remember having heated debates with the firm’s partners about implementing new technology. Back in those days the new technology craze was the personal computer. No one had a clue about this thing called the Internet. At that time a phone was just a phone. A cellular phone was too expensive to own, the size of a loaf of bread, it did not take pictures, connect to the Internet, send email, or allow immediate posts to Facebook, Instagram, Pinterest, or Twitter. In fact, no one even used the phrase “social networking” and text was a noun, not a verb.
We have come a long way. Today, through technology we accomplish tasks at lightening speed. Business people have embraced the smart phone as a means to get more work done and stay connected 24/7. Yet, I am surprised at the number of businesses that embrace smart phones, social media, and every form of new technology, but do not take the time to consider the risks associated with new technology.
A prime example is the smartphone and the tablet. The smartphone and the tablet can be used to transmit photos or scan documents. While I embrace that technology on a daily basis (and some may argue I need a 12 step program because of it, but that’s another blog post), I am also aware that it can be used to copy confidential information and, with the tap of the screen, send it to a competitor, post it on Facebook, to a Blog, or Tweet it. Social media and texting, again useful tools, can be used to share confidential information, make discriminatory or harassing remarks, or portray your company in a negative light.
There has always been a risk that a disgruntled employee may steal information and pass it on to a competitor or display something inappropriate in the workplace. The difference is the ease and immediacy with which it can be done today. Back in the Joe Caveman days, if you wanted to display a vulgar picture to a coworker, first, you had to chisel it in stone and then haul the darn thing into the workplace. Today, access to inappropriate material, that can lead to a sexual harassment lawsuit, is just a text or browser click away.
One of the primary goals of a handbook is to educate employees about your expectations. That means you need to be clear on what is considered a prohibited use of technology. Sure, we all know that in forty-eight (48) states you have the Uniform Trade Secrets Act to use as a tool if your employee steals confidential material. You also have the police to catch the thief who broke into your house, but that doesn’t mean you shouldn’t lock the door. When you implement a new technology consider how it can be used for good and evil. If the technology can be misused or abused, address it in your handbook.
Part of drafting a handbook, aside from providing a laundry list of company procedures, is thinking about how your employees work and why their perspective may be different from yours. Going back to the company provided smart phone, most employees are shocked to learn that their private business, conducted on the company smart phone, is not private. I am sure that part of this perception stems from the blurred line of what we call work. Work, before the cell phone, happened in a specific location. Now, work happens in the office and while watching the kids playing on their Little League team. Instead of running into problems down the road, use your policies as an educational tool. At least your employee will have a heads up before he poses for that the selfie while partying in Cabo. (I bet there are a lot of you, in the over 50 crowd, that are glad the selfie and social media were not options when you were 23.) The point is that by giving consideration to how technology can be used and addressing those issues in your handbook, you avoid problems, hard feelings, and, possibly, a lawsuit.
The Bottom Line:
Your handbook must the use of technology by your workforce. It should be clear, easy to read, and accurately communicate your expectations. Some of the areas that must be addressed are privacy assumptions, the use of social media, blogging, email, the Cloud, tablets, and smartphones. At a minimum, your policies must communicate:
1. A prohibition on publication or distribution of confidential information;
2. A warning that the improper use of technology could result in a violation of law or administrative regulation, especially for those that work in the healthcare field (thinkHIPPA) and financial services industry;
3. There is no expectation of privacy in anything stored, sent or received on a company provided device (even the Cabo pics) or that is transmitted over the employer’s network;
4. That employees are prohibited from making or displaying content that is disparaging, discriminatory or harassing remarks about their coworkers, managers, and your competitors; and
5. That comments made on social media, or in the blogosphere, are not the views of the company.
There’s more, but that will get you started.