“Employers simply cannot afford not to maintain some control over these devices. The key is to clearly communicate expectations and boundaries up front, and to document agreement to them,” says Columbus attorney Bill Nolan, managing partner at Barnes & Thornburg LLP. The devices Nolan is referring to might sound like a Who’s Who in Technology, but whether a smartphone, tablet or iPhone, people’s “devices” are a reality of life, both at work and at play.
To cope with that reality, it’s imperative employers establish a ‘Bring Your Own Device’ (BYOD) policy, suggests Nolan, who has practiced labor and employment law for 26 years.
Why BYOD is a BIG deal Employers considering the creation of a BYOD policy need to have “some degree of control over the business information on the employee-owned device. You cannot afford to relinquish all control over that information, or the ability to capture that information after the fact, including in litigation. A BYOD policy is necessary to establish that control,” says Nolan.
Of course, just like with anything relating to business, creating, implementing and enforcing a BYOD policy costs time and money. For example, time is invested in the creation of the policy as well as the implementation and policing of it. Employees need to be informed about it and trained properly to understand it.
The financial part comes in with the creation of the policy itself as well as its implementation. Certainly, employers need to be mindful to enforce the policy equally among employees or face the risk of a discrimination lawsuit.
Employers face another potential risk when implementing a BYOD policy. “They must be mindful that employee-owned devices may have personal information on them that the employer does not want,” says Nolan.
Pitfalls to avoid There are several pitfalls company owners should keep in mind when implementing a BYOD policy. They include:
• Consistency in application. Employees will not necessarily like such a policy, so there needs to be good communication with them up front. Employers should be mindful how to deal with any potential employee resistance to minimize interruption to workflow and production.
• Managing employee’s personal information. A company does not want, and shouldn’t have access to any personal information about or for their staffer that resides on the employee-owned device.
• Preparing the policy in a silo. A comprehensive BYOD policy involves several departments of a company, such as HR, operational, legal and, of course, IT. Even a small company has each of these functions, even if the same person or a small group is responsible for these essential cogs.
Therefore, it’s essential that the “different functions be communicating and coordinating about the policy, says Nolan.
While there are no Federal or state laws governing BYOD, per se, the most common legal issue is the application of usual litigation discovery rules to them, says Nolan.