Presenting a live 90-minute webinar with interactive Q&A Employee Use of Dual-Purpose Electronic Devices: Legal Challenges for Employers Protecting Company Interests When Employees Use Personal Smartphones, Tablets and Laptops for Work THURSDAY, SEPTEMBER 27, 2012 1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific Today’s faculty features: Philip L. Gordon, Shareholder, Littler Mendelson , Denver Michael McGuire, Shareholder, Littler Mendelson , Minneapolis Josh B. Kirkpatrick, Shareholder, Littler Mendelson , Denver The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10 .
Tips for Optimal Quality Sound Quality If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory and you are listening via your computer speakers, you may listen via the phone: dial 1-866-258-2056 and enter your PIN -when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.
Continuing Education Credits FOR LIVE EVENT ONLY For CLE purposes, please let us know how many people are listening at your location by completing each of the following steps: In the chat box, type (1) your company name and (2) the number of • attendees at your location Click the SEND button beside the box •
Conference Materials If you have not printed the conference materials for this program, please complete the following steps: Click on the + sign next to “Conference Materials” in the middle of the left - • hand column on your screen. • Click on the tab labeled “Handouts” that appears, and there you will see a PDF of the slides for today's program. • Double click on the PDF and a separate page will open. Print the slides by clicking on the printer icon. •
Business Or Pleasure: The Challenges Of Bring Your Own Device Policies In The Workplace 5
Philip Gordon ― Littler, Denver pgordon@littler.com Joshua Kirkpatrick ― Littler, Denver Jkirkpatrick@littler.com Michael McGuire ― Littler, Minneapolis mmcguire@littler.com Visit our Practice Group blog: www.workplaceprivacycounsel.com 6
7
Why does it matter? • Ownership of the device affects the employer’s ability to control the device and the data 8
Who’s Doing It? • IBM – 80,000 employees – IBM CIO: • “If we didn’t support them, we figured [employees] would figure out how to support [the devices] themselves. • Kraft – 800 employees receive stipend to buy PC – Not available to: • company executives who handle confidential information • Legal • HR staff • Employees who use their PC to run production equipment • Factory Workers 9
Who’s Doing It? • Sybase – 20 different phone options – Employees buy and own the phones, but Sybase pays for the monthly service contract • Citrix – $2,100 stipend to purchase a laptop of their choice and a 3- year warranty. – Company owned cost was $2,600. – Adoption rate of about 20%. • Cisco • Lockheed 10
Survey Says • 75% of companies surveyed allow employees to use their own personal devices for business (Aberdeen) • 48% of IT workers were allowed to purchase a smartphone of their choice to use for work (Forester) 11
Why? • Reducing expenses for employers • Improving employee engagement • Aiding in the recruitment of new employees • Solving the “two pocket problem” • Innovation to reduce cost and promote collaboration 12
Does it really reduce costs? • All tallied, BYOD doesn’t look pretty from a cost perspective. A typical mobile BYOD environment costs 33 percent more than a well-managed wireless deployment where the company owns the devices ***.” – Loss of bulk purchasing power – Higher help desk/support costs – Security issues 13
IBM Experience MIT Technology Review, Monday, May 21 • The trend toward employee-owned devices isn’t saving IBM any money 14
Your Experiences with BYOD 15 15
Your experiences with BYOD QUESTION ONE • What approach has your company taken to the BYOD issue? – Restricts to company-owned devices – Allows some employees to connect personal devices but process is ad hoc – Has a BYOD policy 16
Your experiences with BYOD QUESTION TWO • For those with a BYOD/BYOC Policy, what is adoption rate? – 0-25% – 25-50% – 50% or greater 17
Your experiences with BYOD QUESTION THREE • For those with a BYOD/BYOC Policy, have you experienced employment law/HR issues as a result? – Yes – No 18
Your experiences with BYOD QUESTION FOUR • For those with a BYOD/BYOC Policy, have you experienced information security issues as a result? – Yes – No – Not sure 19
Your experiences with BYOD QUESTION FIVE • For those with a BYOD/BYOC Policy, have you experienced eDiscovery challenges as a result? – Yes – No – Not sure 20
HR and Employment Law Issues 21 21
HR and Employment Law Issues • Performance • Labor management – Mandatory bargaining • Discrimination, hostile – Unlawful surveillance work environment, • International accommodation issues – Data protection • Workplace Safety – Border searches – Driving and talking or – Espionage texting 22
HR and Employment Law Issues • Wage & Hour – Off-the-clock work by non-exempt employees – “Suffered or permitted to work” – De minimis? – Emails themselves are evidence of time spent and notice to employer – Time spent dealing with IT issues related to devices – Work by non-exempt or exempt employees during weeks off or leaves of absence 23
HR and Employment Law Issues • Solution to W&H Concerns – Training – Prohibit non-exempt employees from • Employees accessing email or • Managers making work-related calls outside of work – Compliant policy – Limit access/program requiring pay for all participation to employees who are hours worked exempt from OT – Create process for reporting work performed outside of working hours 24
HR and Employment Law Issues • Expense Reimbursement – California – must – Federal law – expenses can’t reduce pay below reimburse for “necessary minimum wage expenditures or losses – Eleven states have incurred ... as a express or implied consequence of the expense reimbursement discharge of his/her requirements duties” • California, Montana, North – Reimbursement must Dakota, South Dakota, New Hampshire, Alaska, meet certain criteria in Minnesota, Arkansas, Iowa, order to be tax exempt Kentucky, Michigan 25
Privacy/Security Issues 26 26
IBM Experience MIT Technology Review, Monday, May 21 • IBM surveyed devices “We found a and found apps and practices that could tremendous lack of pose a security risk awareness as to – Forwarding IBM email what constitutes a to web-based email services risk * * * we’re – Using device to create trying to make WiFi Hotspots people aware.” – Dropbox – iCloud – Siri 27
Data is heavily regulated • Security Laws and Regulations Allowing – Encryption employees to – Breach notification store company – Secure data destruction • Employee privacy rights data on their • Record retention own devices • Contractual obligations fundamentally – Indirectly regulated complicates • Trade secret protection these • eDiscovery obligations obligations 28
Security for company data • Loss or theft of devices – lost and stolen equipment accounted for 31% of breaches – Lookout helped 9 million people locate their devices; one locate request every 3.5 seconds • Malware – “malware targeting the Android platform rose 3,325 percent” (Juniper) • Friends and family – 27.5% of FINCEN suspicious activity reports involving identity theft involved friends, family, employee in home 29
Implications Of A Security Breach • Violation of statutory or regulatory requirements to secure personal information: HIPAA, GLBA, and state laws (MA, OR, OK, NV) – Statutes apply to service providers of covered entities – Enforcement: HHS and MA have recently obtained penalties • Security breach notification laws: 46 states, DC, PR, USVI, and Guam – Encryption safe harbor – Encryption requirements: MA, NV, HIPAA • Avg. cost of a breach is $194/lost record or $5.5M 30
Security for company data • Gateway to the cloud – Employee ownership of the account with the service provider will limit company access to its data – No contract with company – Obligation to “vet” security controls of vendors – Data may be more available to law enforcement or others 31
Recommend
More recommend
