What employment issues must companies consider in deciding whether to switch to the BYOD model?
Companies must consider a number of issues before switching to the BYOD model, including privacy, data protection (regarding both the employer and the employee), confidentiality, security, liability and court procedure for proving any claim which may arise as a result of the model's implementation in the workplace.
How do privacy laws, employment laws and protecting a company's confidential information overlap or intersect on this issue – and how can they be reconciled, given their disparate aims?
The overlap between these issues is often the result of the introduction of new technology in the workplace. Thus, this overlap is not new, as it also applies to other areas, such as internet use, the use of devices which allow employees to copy and paste information and email use.
For those that make the switch to BYOD, how can the confidentiality of both employer and employee be preserved?
Confidentiality can be safeguarded through the terms and conditions of the model's use, which can be different for every company. Internal policies, directions on how the model can be used and confidentiality agreements can also be implemented in order to provide adequate information and guidelines to employees and preserve confidentiality.
How can companies separate out what information sent or received on the device is official and business related? Who owns this information – the employer or the employee? And how can employer access to information be assured?
Given that the terms and conditions and usage of the BOYD model can be different for every company, we cannot provide specific replies regarding these points. However all of these matters can be regulated through directions, guidelines, handbooks, agreements and other related documentation. Based on our knowledge of internet and email use, the information can be owned by the employer.
What happens in the event of a security breach? Is the employee protected from liability?
Security can be regulated by relevant documentation. There is no relevant legislation in Cyprus regarding this matter.
What steps can a company take to prevent an employee leaving the company from taking company confidential information via his personal device? And how can the employee's own personal information be safeguarded in the process?
The employer may ask employees to enter into a confidentiality agreement which regulates these matters both for the duration of the employment contract and after leaving employment. This agreement may specify the measures to be taken in the event that the employee violates its terms, which may lead to legal action and claims for compensation if damage to the company ensues. The protection of an employee can be specifically regulated by internal documentation and procedures.
For further information on this topic please contact George Z Georgiou at George Z Georgiou & Associates LLC by telephone (+357 22 763 340), fax (+357 22 763 343) or email ([email protected]). The George Z Georgiou & Associates website can be accessed atwww.gzg.com.cy.