Jurisdiction: Federal
Description
Bring Your Own Device Policy
Bring Your Own Device (BYOD) to Work Policy Preparation Form – We recommend that you gather the information in this form prior to accessing the online questionnaire. Doing so will help you efficiently create your custom Bring Your Own Device to Work Policy.Summary
This Bring Your Own Device (BYOD) to Work Policy is designed to establish rules for employees who use personal electronic devices like smartphones and tablets for work.
Details
Advantages and Disadvantages of a BYOD Policy
By adopting a personal device policy, employers may:
- Reduce the expense of providing employees with:
- devices;
- voice and data plans;
- training on company-issued devices; and
- device repair and warranties.
- Take advantage of employees staying current with the latest technology rather than regularly upgrading devices for the entire workforce or relying on outdated systems.
- Allow employees to carry one device for both work and personal use.
- Enable employees to use their preferred operating system.
- Require employees to install and maintain security controls on their devices, including mobile device management (MDM) software.
- Establish guidelines and expectations, including for employees who may already be using their personal devices for work.
Employer considerations when adopting a personal device policy include:
- Confidentiality and security concerns for employer data, such as customer contacts, financial information, and intellectual property.
- Privacy and security concerns for personal data, such as an employee’s personal contacts and photos.
- Employer liability for:
- information retention, such as under statutory record-keeping requirements;
- an employee’s wrongful use of the device; and
- data collection, retention, and destruction obligations under a litigation hold or contractual agreement.
- Ownership of intellectual property created, stored, or maintained on an employee’s personal device.
- Potential violation of the employer’s other policies, such as a prohibition against harassment, through an employee’s use of their device.
- Costs, such as reimbursing employees for work-related use or providing IT support.
- Issues with the device and its data when an employee leaves the company or is terminated.
- Potential wage and hour liability for nonexempt employees using devices outside of normal working hours.
- Productivity issues related to employee use of personal devices during working time.
Employers should customize their BYOD to Work Policy based on the specific circumstances of their business and industry. For security reasons, an employer that has significant trade secrets or confidential information might opt to prohibit or limit the use of personal devices. Similarly, an employer with a workforce of largely nonexempt employees might restrict their use of personal devices for work purposes to normal business hours not to exceed 40 hours in one week. This restriction aims to avoid wage claims by employees based on after-hours use. Employers might also restrict the use of personal devices by exempt employees or employees with access to highly sensitive information.
Implementing a BYOD Policy
Employers may also consider requiring that employees sign confidentiality or other agreements addressing BYOD issues to ensure the restrictions apply to employees after their employment ends. When implementing a BYOD policy, employers should consider whether existing policies and procedures overlap with the BYOD Policy in the area of confidentiality or protection of trade secrets.
Employers should also be mindful that it may be difficult to achieve the level of control and compliance in the BYOD context that is possible through employer-owned devices. While available security controls, such as MDM software, have improved, compliance with a BYOD policy will depend at least in part on employee cooperation and assistance. Employers should be aware of these differences and understand that a more stringent policy applied in the BYOD context can expose them to liability for an unmet standard of care.
Finally, to ensure employees fully understand their obligations under a BYOD policy, employers should provide sufficient instruction and training on BYOD policy requirements, both at the time of hire and on a regular basis afterwards.
Employers may incorporate this policy into an employee handbook or use it as a stand-alone policy document.
Additional Documents
Legal Disclaimers
Helix Compliance, LLC (“Helix”) is not a law firm, and Helix’s employees and representatives are not acting as your attorney. Helix provides a technology-based platform for those seeking to prepare their own legal documents. Using Helix’s system-generated documents does not create an attorney-client relationship between you and Helix or any Helix employee or representative. Therefore, your communications with Helix do not constitute privileged communications. Likewise, neither the attorney-client privilege nor the work product doctrine protect your communications with Helix. Helix is not your lawyer in any way, shape, or form.
Using Helix’s documents is not a substitute for the expertise of an attorney. Thus, you should not use Helix’s system-generated documents as a substitute for legal advice. Additionally, you should not construe Helix’s system-generated documents as legal advice. Helix does not review any information provided to it for legal accuracy or sufficiency. Helix does not apply the law to the facts of your situation, and Helix does not draw legal conclusions. Further, Helix does not provide opinions about your selection of documents. Users seeking legal advice should consult a qualified licensed attorney.
Even though Helix seeks to ensure that document content is up-to-date, laws change rapidly. Therefore, Helix does not guarantee that each document is completely current. The law differs in each legal jurisdiction and may be applied differently depending on your factual circumstances. If you are unsure whether your situation requires a specific document or whether the document’s contents are legally sufficient for your specific purposes, you should consult a qualified licensed attorney.
This material is for informational purposes only. Helix is not responsible for any loss, injury, claim, liability, or damage related to your use of Helix documents. Your use of this material and Helix documents is at your own risk.
Comments from the Author
Bring Your Own Device (BYOD) to Work Policy