Privacy Agreements the Relationship Between

Privacy Agreements

The relationship between employee and employer are often defined by a contractual document signed by both parties that sets forth the terms and conditions of the relationship. This document can be an important part of defending any future litigation and prevent such problems by clarifying the expectations. An employer may include any number of provisions in this agreement, but some of the more important terms include: job duties, compensation, benefits, employment duration, employment warning/termination procedures, proprietary information, ownership of ideas/work done on company time.

Recently, many employee contractual agreements also contain privacy clauses. Since employees spend such a large percent of their hours at work, it is understood that they have the right of privacy at the place of employment. However, it is also true that due to increased technological advancements, communication enhancement, globalization and competition, employers have a strong business interest in monitoring employee activity from detecting and deterring employee theft to substance abuse to ensuring a safe and harassment-free place of work. Technological advances will continue to provide employers with a variety of monitoring options, many of which can operate without the employees' knowledge. The Personal Information Protection and Electronic Documents Act applies to employee information in federal works, undertakings, and businesses. The underlying goal is to find a means for employers to find a balance between their need to know with the employees' right to privacy. It is necessary to make sure that employers collect, utilize, and disclose personal information about their employees for appropriate purposes only.

Although I am not working at the present time, I read a report, "Employee Privacy Computer-Use Monitoring Practices and Policies of Selected Companies," by the Government Accounting Office (2002 (http://www.gao.gov/new.items/d02717.pdf.)that studied the employee privacy statements of 14 American businesses. They found the following:

All 14 companies store their employees' electronic transactions: e-mail messages, information of Internet sites visited, and computer file activity to create back-up files in case of system disruptions; to manage computer resources and to handle routine e-mail and Internet traffic; and to hold employees accountable for company policies. Eight companies reported they would read and review these electronic transactions if they receive other information that an individual may have violated company policies.

Six companies routinely analyzed their employees' transactions to find possible inappropriate uses of company computer resources. While all the firms have investigated employees for misuse of computer resources, company officials said such investigations are rare and, if violations of company policies are found, result in a range of disciplinary actions.

All the companies had policies containing most elements experts state should be included in company policies such as right to review employee use of company computer assets, to describe appropriate employee uses of these assets, and detail penalties for misuse. Each firm disseminated information about these policies, although in a variety of way. Eight of the companies said that new hires receive training on company policies for using the computer systems. Five companies require all employees to participate in an annual review of their computer-use policies, either through an Intranet-based training or over e-mail. Other training techniques company officials described included business conduct reviews every two years, weekly e-mail reminders of their policies, and a series of videotapes on policies.

Clearly, I recognize the need for employers to monitor their employees e-mail and Internet usage. It is not appropriate for employees to view non-business websites during the working hours. Similarly, the company e-mail is not intended for personal use. This is no different than expecting an employee to behave in an appropriate fashion while on work property. No employee should be able to use fowl language, be abusive, use substances, etc. while working.

I do have some concerns, however, with the above noted companies that eight companies reported they would read and review these electronic transactions if they receive other information that an individual may have violated company policies. First, a company should be very careful on how they gain information about another employee. The term "other information" is very broad. I would hope that there would have to be considerable concern before an employee is investigated. Second, a company has to recognize that electronics like anything else can be altered. Not to be paranoid, but people will do strange things against someone else if angry, jealous, offended in any way. Third, it is hoped that the employee under question would be notified immediately if there was any "other information" received on him/her regarding inappropriate e-mail/Internet usage.

The other concern I have is inconsistency. Too often, companies mean well by implanting a scheduled program: All new hires will see a video about privacy issues. However, new supervisors come and go and somehow this program is lost or forgotten. New employees are hired without ever seeing the video or reading anything on the privacy policy. They therefore cannot be held accountable. The fact that some companies only have a review of this information every two years is disconcerting -- that is a very long time when there is always large turnover and issues of concern.

The best way of handling this issue, as noted above, is having daily messages referring to the corporate policies that employees must acknowledge before they are allowed to log in to the systems. This is a constant reminder to employees, which they cannot ignore. Also, it deals with the new hire/turnover issue. Anyone who is logging on, regardless as a new or veteran employee will be alerted to the privacy issue. However, this should not take the place of employee training on a regular, scheduled basis, so the topic can be thoroughly covered and all concerns and questions answered.