Bring your own device (BYOD) is anything but fun. Every employer needs to address employees’ personal communication devices. More and more employers have decided it’s better to let employees use their own devices to manage their business and personal lives. Employers and employees risk privacy breeches along with countless other headaches. Policies to protect both parties are difficult to write and manage.
A one size policy does not fit all. The nature of the business and what kind of data it uses will determine what legal obligations exist. Developing a BYOD policy requires legal advice after the employer decides in which direction to move. One thing all employers will have in common is the need to continuously evaluate and revise their policies as new risks are identified.
Employers who provide employees mobile communication devices historically purchase the same brand and may even restrict the usage to work. Today more employers are offering employees a wide range of mobile devices or have employees purchase and use their own devices. Technical support is typically provided to ensure security updates and install necessary software. There are a myriad of other technical considerations to decide.
Aside from the technical aspects involved in BYOD policies or any mobile communication devices are the human resource liabilities such as wage and hour, discrimination and employee privacy issues. Non-exempt employees must be paid for all time worked, whether it’s authorized overtime or not. Reading emails, responding to calls and emails are compensable time. Don’t leave out the time it takes to repair and update the device for work.
There are two edges to the discrimination sword; one edge is preventing a hostile environment, the other is personal content on the device may divulge information such as religion, national origin and disability. To determine whether a hostile environment exists, it needs to interfere with an employee’s performance, be frequent or severe and be physically or emotionally threatening or humiliating. Using online resources does not insulate the employer from liability. Employers must control how employees use their personal devices to mitigate hostile workplace liability.
Employers may be obligated to provide assistive devices to qualified employees who can now bring their own devices to work. For instance, In Rojek vs. Catholic Charities of Jackson, Inc. a blind applicant requested a special document reader. The law may require the employer provide the technology needed to work with the employee’s personal devices to perform the essential functions of the position.
Employees will need to consent to several practices in order to reduce their expectation of privacy under the Fourth Amendment. Employees might reasonably expect the device they purchased is their private property. It holds family photos, their favorite movies and games, personal contacts and communication. Should an employer become involved in litigation, the personal device may contain relevant data and need to be submitted as evidence. When an employer terminates, or loses the device, the employer may want to wipe the device and potentially lose those family photos.
Employers need to think carefully before adopting a BYOD policy. Keep in mind, all of the employee rules that apply to an employee-owned handheld device. Proper use of the employees’ personal devices need to be incorporated in the employee handbook. Develop a policy and allow employees to carefully review it before agreeing to BYOD. Provide training to protect the employers’ and employees’ privacy.