The new coronavirus, which causes the disease known as COVID-19, seems to be staying with us for some time at least. The impact of Covid-19 is both in terms of the way the businesses are done as well as how organizations manage their teams. Resultantly the businesses will have to restructure their policies and practices. A key change that has been enforced and now adopted by various businesses small and large is the large scale adoption of remote work or ‘Work from Home’ practice. Working remotely independent of the established security network and office protocols of the organization brings with it various issues of concerns for employers such as Security of work data; Technological capabilities and equipment necessary to perform job duties and Safety of the organizational equipment Productivity; and Accuracy of records reflecting time worked by non-exempt employees. Indeed, some of these concerns can be addressed by adopting appropriate technology but employers must have a holistic approach while dealing with this unprecedented situation.
Many legal issues need to be addressed amidst the present time. While the legal status and rights of any employee working from home itself is a critical issue as the employee even when working from home would still be considered at work. The liabilities and responsibilities of the employer are something worth to be discussed with the legal advisers of the organization. However, one key concern that may have greater exposures are the IP and data security legal issues trade. If you would go back to your signed and accepted obligations with your clients and customers you would realize that there are various obligations related to confidentiality, maintaining trade secrets, and dealing with personal information of data subjects and even data related to health.
Another important aspect of concern would be the newfound requirement of storing health information of employees which an employer might store for keeping the teams safe and monitoring infections. Such health data which previously might not be expected to be saved may further attract various laws governing identifiable health data of individuals.
One negligence can put you in front of a million-dollar claim. Thus you must draw your policies and protocols in such a manner that your employee refrains from sharing critical information with a third party (including family members or friends staying with them). Secondly you must assess the contingencies aptly covered by your liability insurance policy.
Moreover, as far as possible the employees must be using the organization’s secured machines and not home laptops for work. In case, an employee cannot use the organizational machines he or she must have a standard basic level of security while accessing office emails and data. Moreover, appropriate technical solutions should be integrated to maintain a reasonable level of data security. Storage at home of sensitive company data should be prohibited. Thus you should work upon applicable data privacy, IT, or BYOD policies so that such concerns are addressed.