byod-bring-your-own-device-legal-liabilities-IT-cybersecurity-kotori

Bring Your Own Device

BYOD (Bring Your Own Device) is a subject every company must think about these days. Whether or not the enterprise likes the idea of allowing employees to connect their own smartphones, tablets, and other devices into the corporate systems, the fact remains—workers are going to do it. One survey found that 46.8 percent of employees use their own smartphones on the job, and 30 percent of those users do so in direct violation of their company’s stated policy.

When employees use mobile devices for company business, the company may face potential legal liabilities it may not be prepared for. Here are a few of the most prominent:

Fair Labor Standards Act (FLSA) Compliance

Many employees love tapping into the corporate network from their own device because it gives them flexibility regarding when they can get work done. For example, they can read and answer emails late at night if that fits their schedule. But if an employee is non-exempt, the FLSA requires the company to compensate any work over 40 hours as overtime. Companies must record and pay for any such extra-hours work.

Notification of Data Breaches

When an employee leaves the company premises with a mobile device that accesses the firm’s network or systems, confidential data may also leave the premises. For example, if someone loses or has their smartphone stolen, the company’s data may become insecure. In such cases, the employer may need to report a potential data breach to customers or government authorities.

eDiscovery

When an employee stores company data—including texts and emails—on their device, that information may become subject to discovery during litigation or other legal proceedings. The employer must preserve such data. One company received a fine of more than $900,000 because it failed to require employees to save job-related text messages stored on their phones.

These examples highlight just some of the legal liabilities employers may encounter when their workers access corporate data through personal devices. They illustrate why every company needs a well-thought-out BYOD policy.

If you'd like to discuss how to formulate a sound BYOD policy, please contact us.

Related Posts