Since Apple launched the first iPhone in 2007, the popularity of smart phones and tablets has sky-rocketed.  These devices, with their sleek design, touch screens and easy access to a myriad of entertainment options, have fast become the preferred method of communication for executives.

In recent years, a growing number of companies have allowed employees to forgo the less glamorous and often outdated technology assigned by their IT department and instead access corporate emails and data on their personal devices – a practice known as “bring your own device” to work, or “BYOD”.

There are numerous benefits for Life Sciences companies wishing to adopt BYOD – including significant cost savings on IT equipment and a more efficient, flexible and engaged workforce.

However, mixing business with pleasure in this way can increase the risk of security breaches, data loss and inappropriate use of company information.  This is a particular concern where employees could use their personal devices to access sensitive and/or proprietary information, such as confidential product information or customer details.

Implementing a clear and enforceable BYOD policy is key to reducing the security risks for employers in the Life Sciences sector.  A recent survey carried out by the market research firm YouGov shows that, while 47% of adults in the UK use personal electronic devices for work purposes, less than 30% are given guidance on secure use and the risks relating to personal data loss or theft.  Where staff and contractors are allowed to use their personal devices at work, it is essential to take pre-emptive measures and to educate employees on the appropriate use of BYOD.

A strong BYOD policy should:

  • clearly set out the rules for using personal devices at work, including security requirements
  • remind employees of their obligations to protect company and personal data
  • prohibit downloading of data onto the device
  • explain how to report the loss or theft of the device
  • clarify who owns the device (where the company contributes to the cost)
  • if the company intends to monitor use of the device, explain how, when and why
  • require the device and passwords to be given to the company at its request
  • obtain consent to remotely delete all data on the device in the event of loss or theft or termination of employment
  • explain the consequences if an employee breaches the policy

Companies that permit BYOD should ideally also provide on-going training to staff on the proper use of technology, privacy and security.

Print:
EmailTweetLikeLinkedIn
Photo of Christopher Walter Christopher Walter

Christopher Walter works with employer clients on domestic and international HR-legal compliance and human rights projects. Mr. Walter co-chairs the firm’s International Employment practice, and serves as Managing Partner of the London office.

Mr. Walter’s advisory practice encompasses the full range of employment…

Christopher Walter works with employer clients on domestic and international HR-legal compliance and human rights projects. Mr. Walter co-chairs the firm’s International Employment practice, and serves as Managing Partner of the London office.

Mr. Walter’s advisory practice encompasses the full range of employment and employee benefits issues that matter to leading multinational employers, including the drafting of share and other incentive plans, global mobility, privacy compliance, employment issues in M&A transactions, outsourcing, workforce integration, and the implementation of core policies/codes of conduct, with a particular focus on business and human rights.

Mr. Walter began his legal career as a UK barrister, however, and also has considerable experience as an advocate before UK courts and tribunals, securing confidentiality injunctions and defending employers against claims of unfairness, discrimination and other alleged violations of employment laws.

.