5 Things to Consider When Reviewing BYOD Policies

As illustrated by the record-breaking debut for the iPhone 6, smartphones are more popular than ever before. As smartphone, tablet, and other mobile technology use rises, employees are performing more and more work from their own electronic devices. This advancement has increased productivity, flexibility, and job satisfaction while also lowering companies’ technology costs.

However, the increased use of personal devices at work may raise concerns for employers in several areas, including, for example:

  • Data protection and security.
  • Employee privacy.
  • Theft or loss.
  • Non-exempt employee usage.
  • Employer liability for employee misconduct, such as discrimination or harassment.

Issues to Consider When Reviewing a BYOD Policy

Data Protection and Security

In-house attorneys and their counsel should ensure the BYOD policies implement device security measures to protect company data and confidentiality. Appropriate security measures may include, for example:

  • Requiring complex password protection.
  • Restricting access to particularly sensitive company data.
  • Installing encryption software and software that allows the company to remotely wipe the device in the event of loss or theft.

Employee Privacy

The BYOD policy should clearly define employees’ expectations of privacy on personal devices used for business purposes. Companies may choose to eliminate an employee’s expectation of privacy.

Theft or Loss

The BYOD policy should include strict procedures requiring employees to immediately report a lost or stolen device. Employees should also be aware that the company will wipe the entire device, if lost or stolen, to protect against data theft and intrusion.

Non-exempt Employee Usage

In-house attorneys and their counsel should ensure the BYOD policy prohibits off-the-clock e-mail access and work by hourly (non-exempt) employees on personal devices unless authorized by a supervisor.

Employer Liability for Employee Misconduct

If an employee uses his personal device to send harassing e-mails, even outside of work hours, it could create liability for the employer. In-house attorneys and their counsel should review the company’s BYOD policy to ensure it includes instructions on appropriate use and notifies employees that the company’s policies prohibiting harassment, discrimination and retaliation apply to the use of all devices under the BYOD policy.

In this era of ever-evolving technology, in-house attorneys and their counsel should periodically review and update their BYOD policy, particularly the key provisions explained within this article.

Practical Law provides legal know-how that gives lawyers a better starting point.  Our expert team of attorney editors creates and maintains thousands of practical resources across all major practice areas. We go beyond primary law and traditional legal research to allow you to practice more efficiently and improve client service. For a sample Bring Your Own Device to Work (BYOD) policy with helpful drafting notes, see Standard Document, Bring Your Own Device to Work (BYOD) Policy from Practical Law. Visit practicallaw.com and request a free trial today to access this document and more today.

Check Also

EXTRAORDINARY Customer Experiences

Firms today flourish or fail on customer service, and the pandemic brought the need for …