The dangers of data on devices

The use of personal devices at work is ever increasing.

Call 01905 727700 or email mail@scaiff.co.uk

The use of personal devices (such as smartphones and tablets) at work is ever increasing. The divide between work and home is as fluid as it has ever been.

The use by employees of their own devices in a work context presents challenges for both employer and employee.

Advice on the Acas website reminds us that:

'The UK leads Europe when it comes to smartphone usage, with more than half of UK consumers having used a smartphone, according to the latest figures. Meanwhile, there was almost a fivefold increase in the number of UK households owning a tablet computer last year. Mobile technology is changing the way we go online, organise our social lives and do our work. As such, it's presenting new challenges for employers to keep pace with the implications for the workplace.'

Allowing an employee to use their own device at work can seem like a good idea for an employer. It can maintain staff morale, allow the employee to work more flexibly and saves the employer the cost of buying devices for their employees.

However, there are downsides particularly in relation to security.  Confidentiality of client information must be maintained and GDPR requires data controllers to ensure that personal data is held securely. The risks for employers are even greater when a personal device containing data is lost or stolen.

The employee faces risks, too.  If their employer's system has been hacked or infected with malware, this could also affect the employee's device.

Employers should also consider their policy when some leaves an organisation. How is the confidential and sensitive data going to be recovered or deleted from an employee's device?  A constant threat for employers (and a rich seam for litigation) is the taking of confidential data by departing employees.

A big challenge is to ensure that any systems are secure and to try to ensure that employees cannot mix work data with their own personal information.

It is very important for employers to ensure that they have a regularly reviewed and updated Bring your Own Device' policy.  It goes without saying that all employees must be regularly trained (and updated) as it to contents and responsibilities.  There will be expectations on employees as well.

To discuss this or any other employment related issue, contact us.

Members: Simon Shaw, Elizabeth Rimell and Janice Leyland.
All members of Scaiff LLP are solicitors of England and Wales. Individuals referred to in this website and elsewhere as 'partners' are members of Scaiff LLP or an employee or consultant with equivalent standing and qualifications.
Authorised and regulated by the Solicitors' Regulation Authority. The Authority's rules can be accessed at rules.sra.org.uk
Registered in England No. OC326884. Registered Office: 23 Foregate Street, Worcester WR1 1DN. VAT Reg No. 286 1004 73