During the current COVID-19 crisis, many employers will have chosen to allow their employees to work from home.
While most employers already have a communications policy that regulates how employees use communications infrastructure in the workplace, it is important to bear a few points in mind when many or most employees are working remotely.
Confidentiality / personal information
Confidential information may include your trade secrets, client lists and the like, but may also include sensitive information from your clients or suppliers. Your employees may also have access to personal data which relates to your clients, like contact information, identity numbers, or even bank account details.
Your communications policy no doubt requires employees to take special care not to disclose confidential information and personal data to any third party, but when they are working at home, possibly using their own devices, they may lose sight of the importance of taking these precautions. After all, when one is out of a work environment, one often forgets to apply the same rigour that one would while at work.
Employees must thus be reminded that when working with confidential information or personal information, they remain under the same obligations as they would be at work, and that they must take necessary steps, especially if using their own devices, to ensure that this information is kept secure.
An issue that crops up quite often, but which bears touching on again, is the issue of unintended contracting. An example of this would be where an employee is discussing a potential order with a client, and unintentionally agrees to the order over email without following the required procedures. The employee may not even have the authority to bind the employer but may create the impression over email that he or she does. In this case the employer may find itself bound to honour an order that should never have been accepted. While it is often possible to get out of the obligation with the help of a good lawyer, it is of course best to avoid these situations entirely if possible.
Employees must thus be reminded when working from home that they must still follow established procedures for entering into contracts. If orders or contracts must follow an established escalation route for example, this must still be followed even if the employee is hiding out in Betty’s Bay.
Casual email conversations with clients or suppliers can lead to unintended contracting, and so the usual email disclaimer saying that email exchanges will not lead to conclusion of any contact (you do have one of course) must still be included when employees are working from home.
This precaution is not possible in the case of social media platforms, and so extra care should be taken when employees interact on those media. It should of course be possible to post an appropriate notice to the employer’s own page on the platform concerned, and that will be effective if the interaction takes place there.
Idle hands are the devil’s workshop as the saying goes, and while we all expect employees to chain themselves to their dining-room tables while working at home, we also expect that there will be a general economic downturn in the next few weeks, and employees may simply not have enough to occupy them for a full working day.
Employees must be reminded that even though they may be working at home, and perhaps on their own devices, their actions on social media platforms can still bring the employer into disrepute, and there may be severe consequences for them if they do so. This is especially important when we are in the midst of a crisis as the COV19 where everyone flocks to social media for answers, updates and general comradery. Social media is not the place to raise your opinions on the President, Government or the masses affected by this situation. Think before you post.
Employees should be reminded to still remain professional in all dealings with clients and colleagues even when working remotely. No pyjamas in video calls with clients.
If you are taking a work call telephonically or on video while you are at home, make sure you are in a separate room where you cannot be interrupted, or confidential information overheard.
Employees typically access work resources by way of a username / password combination. As access will now be remote, they must be reminded to keep passwords secret.
If some employees are still working at the office and need to access resources protected by an absent employee’s password, the temptation may arise to ask the absent employee to disclose the password so that the resource can be accessed. This should be strongly discouraged, as sharing passwords, even with colleagues, seriously weakens the protection afforded by having a password in the first place. The system administrator should be able to access the resource without the password being disclosed.
Where employees must access sensitive information remotely, such as bank accounts, payroll information, etc., particular care must be taken to ensure that this information is accessed where prying eyes and nosy parkers cannot reach.