Here is an interesting scenario for employers to consider. A company discovers that an employee working in information technology has taken de-commissioned company computers for himself and even given some away. After conducting an investigation, the company learns that some of the computers contain current and former employees’ personal information, such as addresses, phone numbers, and Social Security numbers. The company notifies the affected employees of the breach and offers them free credit monitoring and fraud restoration services. A few months later, however, one of the affected employees becomes a victim of identity theft.

Soon thereafter, the employee sues the company, claiming that it breached its contract to secure the personal information that he submitted in his job application. He contends that the company’s code of conduct and information technology policies evidenced its promise to protect such information. The company, on the other hand, argues that the policies—which detailed the procedures employees were to follow when handling company data—could not reasonably be interpreted to make such a promise. How do you think the court ruled on this question?

If you think that the company prevailed, crack open an ice cold Coke to celebrate. The scenario detailed above came from a recent Pennsylvania federal district court case against Coca-Cola. The court found that no contractual promise was made in Coca-Cola’s policies because they “existed for the purpose of protecting the company from harm,” not to benefit employees.

This case highlights how employees often seek to use an employer’s handbook, code of conduct, or policies as the basis for a breach of contract claim. Having these documents drafted and/or reviewed by counsel can help avoid liability on such claims, among other benefits.