Employee right to privacy is an increasingly controversial matter, which employers can best address by implementing proactive measures to ensure the appropriate and legally compliant collection of, access to, and use of information. Below are some issues of which employers should be aware in relation to workplace privacy.
Addressing Privacy Pitfalls
Many employees may feel that employer collection and use of their personal information is a breach of their privacy rights, but it is often permissible under both state and federal law. However, some employers may dismiss an employee’s privacy concerns, creating other problems in the workplace and potentially breaching their obligations to keep certain information private. To avoid these privacy pitfalls, in conjunction with their general or outside counsel, each employer should carefully review the governing federal, state and industry-specific laws, regulations and rules regarding the privacy of employee information. Employers should also consider publishing their privacy policies in their employee handbooks. Finally, employers should designate a human resources and an IT representative to work in conjunction with management to develop, understand and disseminate the employer’s privacy policies; collect, store and use information in accordance with the employer’s privacy policies; and properly address any privacy complaints and/or breaches of privacy.
Employer Collection and Use of Employees’ Information
Generally, employers can collect and use information regarding employees’ phone calls, emails, voicemail messages and internet history on employers’ telephones and computers, especially if employees have been made reasonably aware through a consent agreement. Employees have no expectation of privacy in connection with data stored in or transmitted via computers, phones, email accounts or mobile devices owned by employers. However, employers are generally prohibited from collecting information for accounts not owned by the employer, even if the employee logs into that account from an employer-owned device.
Employees Who Improperly Access or Disclose Private Information
Employers should identify a limited number of employees, usually one hiring manager and one IT staff member, to have password-protected access to employees’ private information. This should not be stored on the employer’s network, unless there are mechanisms in place to ensure privacy. In the event of unauthorized access, the employer should consider informing the affected party and obtaining a waiver, taking disciplinary action against the unauthorized employee and using best efforts to retrieve the private information. If private information was disseminated to a third party, the employer should make an effort to ensure that the information is not further disseminated.
Ultimately, employers should develop sound privacy policies and utilize all available technological and other resources to ensure employees’ compliance with these policies.
Steven H. Doto, Esq. is a partner at the law firm of Lauletta Birnbaum, LLC.
Published (and copyrighted) in South Jersey Biz, Volume 7, Issue 3 (March, 2017).
For more info on South Jersey Biz, click here.
To subscribe to South Jersey Biz, click here.
To advertise in South Jersey Biz, click here.