PEDs in the Workplace: It s a Mad, Mad BYOD World

Similar documents
Social Media and Texting: A Growing Concern

BYOD (Bring Your Own Device): Employee-owned Technology in the Workplace

Sample BYOD Policy. Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited.

QUALITY HIPAA December 23, 2013

HIPAA and HIPAA Compliance with PHI/PII in Research

This Policy applies to all staff and other authorised users in St Therese School.

Workplace Privacy: New Technology, New Challenges

Security and Privacy Breach Notification

Domino s Pizza Enterprises Ltd. The Business Partner. Code of Practice

Inside the OCR Investigation/Audit Process 2018 PBI HEALTH LAW INSTITUTE TUESDAY, MARCH 13, 2017 GREGORY M. FLISZAR, J.D., PH.D.

Hospital Council of Western Pennsylvania. June 21, 2012

University Policies and Procedures ELECTRONIC MAIL POLICY

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012

HIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders

Bring Your Own Device BYOD

HIPAA Privacy and Security Training Program

HIPAA Faux Pas. Lauren Gluck Physician s Computer Company User s Conference 2016

Avoiding the Pitfalls of Bring Your Own Device Policies

The Apple Store, Coombe Lodge, Blagdon BS40 7RG,

Audits Accounting of disclosures

HIPAA UPDATE. Michael L. Brody, DPM

FERPA & Student Data Communication Systems

Cyber Security Issues

We offer background check and identity verification services to employers, businesses, and individuals. For example, we provide:

Update on HIPAA Administration and Enforcement. Marissa Gordon-Nguyen, JD, MPH October 7, 2016

Mobile Application Privacy Policy

Internet, , Social Networking, Mobile Device, and Electronic Communication Policy

Name of Policy: Computer Use Policy

Why you MUST protect your customer data


Domino s Pizza Enterprises Ltd. The Business Partner. Code of Practice

Beam Technologies Inc. Privacy Policy

Privacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information

U.S. Private-sector Privacy Certification

WHITE PAPER. HIPAA Breaches Continue to Rise: Avoid Becoming a Casualty

Lesson Three: False Claims Act and Health Insurance Portability and Accountability Act (HIPAA)

Cyber Attacks and Data Breaches: A Legal and Business Survival Guide

Auditing and Monitoring for HIPAA Compliance. HCCA COMPLIANCE INSTITUTE 2003 April, Presented by: Suzie Draper Sheryl Vacca, CHC

8 COMMON HIPAA COMPLIANCE ERRORS TO AVOID

NMHC HIPAA Security Training Version

HIPAA How to Comply with Limited Time & Resources. Jonathan Pantenburg, MHA, Senior Consultant August 17, 2017

Elements of a Swift (and Effective) Response to a HIPAA Security Breach

HIPAA in 2017: Hot Topics You Can t Ignore. Danika Brinda, PhD, RHIA, CHPS, HCISPP March 16, 2017

HIPAA FOR BROKERS. revised 10/17

Cognizant Careers Portal Terms of Use and Privacy Policy ( Policy )

Cognizant Careers Portal Privacy Policy ( Policy )

Legal notice and Privacy policy

Privacy Policy. I. How your information is used. Registration and account information. March 3,

Motorola Mobility Binding Corporate Rules (BCRs)

By: James A. Sherer, Melinda L. McLellan, & Emily R. Fedeles 1

Information Privacy and Security Training 2016 for Instructors and Students. Authored by: Office of HIPAA Administration

Data Compromise Notice Procedure Summary and Guide

Privacy & Information Security Protocol: Breach Notification & Mitigation

Family Medicine Residents HIPAA Highlights May 2016 Heather Schmiegelow, JD

Securing Institutional Data in a Mobile World

ecare Vault, Inc. Privacy Policy

WYANDOTTE MUNICIPAL SERVICES ACCEPTABLE USE POLICY

TERMS OF USE Terms You Your CMT Underlying Agreement CMT Network Subscribers Services Workforce User Authorization to Access and Use Services.

ANATOMY OF A DATA BREACH: DEVELOPMENTS IN DATA SECURITY AND CLOUD COMPUTING LAW

HIPAA & Privacy Compliance Update

Organization information. When you create an organization on icentrex, we collect your address (as the Organization Owner), your

Excelity Privacy Statement & Terms of Use. August 2017

Mobile Device Policy. Augusta University Medical Center Policy Library. Policy Owner: Information Technology Support and Services

Information Privacy and Security Training Authored by: Office of HIPAA Administration

Acceptable Use Policy

Mobile Device policy Frequently Asked Questions April 2016

Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence

The BYOD Workplace and the 24/7 Employee: Managing Legal Risks for Employers

HIPAA Security and Privacy Policies & Procedures

HIPAA Privacy & Security Training. Privacy and Security of Protected Health Information

Talenom Plc. Description of Data Protection and Descriptions of Registers

Hacking and Cyber Espionage

Spree Privacy Policy

You may contact The Translation Network by at You may also call The Translation Network at

Acceptable Use Policy

Putting It All Together:

Protecting Health Information

GEWISS S.p.A. IT CODE OF CONDUCT

HIPAA Privacy & Security Training. HIPAA The Health Insurance Portability and Accountability Act of 1996

YADTEL - Privacy Information INFORMATION WE COLLECT

Enterprise Mobile Management (EMM) Policies

UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES

PRIVACY POLICY. 3.1 This policy does not apply to the collection, holding, use or disclosure of personal information that is an employee record.

This policy also applies to personal information about you that the Federation collects from any other third party.

Overview of Presentation

Archive Legislation: archiving in the United Kingdom. The key laws that affect your business

Protecting Your Business: Best Practices for Implementing a Legally Compliant Cybersecurity Program Trivalent Solutions Expo June 19, 2014

IAM Security & Privacy Policies Scott Bradner

Privacy and Security Update: What Clinical Researchers Must Know

The HIPAA Omnibus Rule

EMPLOYEE COMPUTER, , AND INTERNET USAGE POLICY

AUDITING FOR PERSONALLY-OWNED DEVICES

pre-employment screeners, social service agencies and others who need to verify your employment status or income.

HELPFUL TIPS: MOBILE DEVICE SECURITY

Policy Objectives (the Association) Privacy Act APPs Policy Application ACTU The Police Association Website

PII Policies and Procedures

Chapter 12. Information Security Management

Privacy and Cyber Risk Management. Preparing Your Organization for Current and Emerging Risks

Regulation P & GLBA Training

Privacy Policy Effective May 25 th 2018

Transcription:

PEDs in the Workplace: It s a Mad, Mad BYOD World

Technology in the Workplace Technology in the workplace has transformed over the years from this The World s First Computer (1946) 2015 Snell & Wilmer L.L.P.

Technology in the Workplace To this Apple II Micro Computer (1977)

Technology in the Workplace And now this Apple Watch (2015)

BYOD Statistics By the end of 2015, there will be over 2 billion mobile devices in the world. Between 70% and 90% of U.S. workers are using their personal smartphones for work purposes (estimates vary). Up to 70% of employees with smartphones regularly check their emails outside of normal working hours. 51% of employees have reported accessing unsecured wireless networks for work purposes. 80% of BYOD is completely unmanaged by employers.

You Don t Have a BYOD Policy? The risks of failing to adopt a clear BYOD policy:

Why Adopt a BYOD Program? Employee flexibility and freedom and recruitment tool Millennials expect to use personal smartphone as work device Avoid the two pocket syndrome 84% of employees use same smartphone for work and pleasure Reduce employer expense & enhance employee productivity 7

Confidentiality and Trade Secrets Because employees can access their work information from home, it has become much easier for employees to improperly take and utilize employer information for improper purposes. 8

50% of employees who leave their jobs retain confidential company info 40% plan to use their info in their new jobs 9

Uniform Trade Secrets Act Requires misappropriation Harder to prove when employer has granted employee access and permission to store on their PED Focus on improper use or disclosure Have a strong company confidential information policy 10

Social Networking Profiles Who owns them: employee or company? Some employees believe they own the Facebook and Twitter accounts they create on company s behalf If company doesn t have a policy that says otherwise, they just might be right 11

Wage and Hour Employers must pay nonexempt employees for all time worked, including overtime for hours worked over 40 hours in a week Employees are using their devices, sometimes for work, after hours. Are they recording that time as time worked? Is the employer liable? Employees are required to be given uninterrupted meal breaks. Are they checking their PEDs and doing work during those breaks? Is the employer liable? 12

Privacy Employers have the right to review companyowned devices and content. Historically, employers do not have the right to review employee-owned devices. Technology is outpacing the law. Where do we draw the line for an employer s right to access an employee-owned device that is connected to the employer network or has employer information on it? 13

Computer Fraud and Abuse Act Crime to gain unauthorized access to a computer. What about remote wiping? Without an employee s consent? Stored Communications Act Prohibits unauthorized access to email. Criminal statute with civil remedies. Employer access to employee Dropbox account? 14

HIPAA Requires employers to develop and follow procedures to protect confidentiality and security of protected health information (PHI). What happens if you allow employees to store such information on a laptop and that laptop gets stolen? One healthcare contractor was required to pay $288,000 when a laptop with unencrypted PHI was stolen. 15

GINA Employees prohibited from requesting or disclosing employees genetic information Employee has diabetes and uses an app to monitor her glucose levels. Employer, updating employee s phone, sees this data. Has GINA been violated? 16

Fair Credit Reporting Act Requires secure disposal of certain consumer information. If such information is stored on employees PEDs, what has employer done to ensure proper disposal? Could employer be liable for violation of FCRA? 17

Workplace Accidents Employee is driving to work from home. They are checking work e-mail on their smartphone and get in an accident. Is this now a workrelated injury? Employers need to have a policy that employees are not to do any work-related e- mailing or texting while driving. OSHA will investigate companies alleged to have required or encouraged employees to text while driving. 18

Discrimination/Harassment Issues Employees need to understand that discrimination and harassment policies apply to PED and internet use in the workplace. What happens when an employee views pornographic material on their own PED in the workplace? What happens when an employee posts harassing content on Facebook towards a co-worker during work hours? 19

E-Discovery Employers are responsible for obtaining and preserving all discoverable information Does that include information on employees PEDs? To a large degree yes. How do you enforce a litigation hold on an employee s cell phone? 20

NLRA BYOD policies must be reviewed to ensure that they do not infringe upon Section 7 rights. 21

Questions? 2015 Snell & Wilmer L.L.P. 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback