Consumer privacy has always been at the forefront in business, as companies want to keep the personal information of their customers secure and private and want to keep their businesses up and running. However, with mobile workplaces increasing in popularity, companies tend to fall behind on effectively securing the personal data of their own employees and keeping it private.
Consumer privacy is obviously very important, and rightfully so, as that is associated with company profit. However, employee data tends to be used by companies for monitoring. Monitoring includes searching for possible security threats, risky online actions and productivity concerns. These can be crucial for any business, which tends to make companies justify their intense employee surveillance.
Employee privacy becomes increasingly difficult as the workplace becomes more mobile and employees expand to using multiple devices for work. Employees used to only have one device option when in the workplace – their desktop computer. That has quickly evolved into employees having multiple work devices like desktop computers, laptops, cell phones, tablets and more. Mobile devices have quickly eclipsed laptops and desktops when it comes to workplace usage and internet traffic.
When cell phones first came to be what they are now – handheld computers – companies distributed them with the same intentions as desktops and laptops. Companies intended for them to be used strictly for work related things – company property for company purposes – however, there tends to be a greater mix of personal and business use on mobile devices than on laptops and desktops.
Since mobile devices have so much personal activity, companies have to constantly change how they approach mobility, thus making employee privacy more complicated and important.
There are different types of mobile ownership that companies use and have used when they have employees using mobile devices. These include companies distributing mobile phones they purchased and pay for and are intended strictly for business use, or companies will purchase phones but employees can use them for both business and personal use or companies may have a bring your own device policy. This final way of distributing mobile devices means companies will have employees use their own personal devices and the company will determine compensation for the use of their personal device for business reasons.
Regardless of whether an employee is using a self-owned or company-owned device, there will be some crossover with personal and professional information and usage. So how can business collect and monitor mobile data without infringing on employee privacy? This becomes harder with how the landscape is changing.
Employee Privacy Framework
To find a balance where companies can monitor data but still follow employee privacy, you should reference an “Employee Privacy Framework”, like this one. It uses four pillars – user identity, user activity, policy and transparency – to help handle employee personal information, develop internal infrastructures and implement new products.
Each pillar will list the best practices for how organizations should collect, store and use employees’ personal information. These can help with any “gray” areas, where it becomes unclear what is acceptable, making it difficult to follow through with security processes that are in place.
A company needs to understand who is accessing corporate documents and how. Companies should also determine what is normal activity so that unusual activity can be detected and inspected. This will be helpful in respecting employee privacy by being apple to limit the detection to business related apps, websites and activity.
Using this to approach employee privacy will have companies only collecting the most necessary data, when it’s necessary. Companies can become more responsible and respectful about employee information and this can help establish trust with employees.