Post on 23-Feb-2016
description
Managing Productivity – The unseen cost of
employees. IT HR and Legal considerations of employee
privacy and productivity
Panel Introduction
Discussion◦ How is time wasted in an organization
Technology, Processes, People◦ Productivity Monitoring – Legal Perspective◦ Productivity Monitoring – HR Perspective◦ Tools to help monitor activity and maximize productivity
Objective◦ Identify causes of lost productivity◦ Cost of lost productivity◦ Identify effects of monitoring from an HR and Legal
perspective.◦ Identify the need to manage lost productivity
Seminar Overview
Why monitor your employees?
Cost
Security
Customer Service
Cost
17 hrs. of a 45hr work week are considered non – productive (Microsoft Poll)
Approximately 850 hrs/year per employee.
@20/hr = $17,000
SecurityTheft
• Property• Inventory
• Information• Intellectual Property
Data Breeches• Hacks
• Malware/Viruses
Customer Service
How is time being wasted?
Non-work related activities◦ Social Media, Shopping, Internet, Porn, Fantasy Sports, Socializing,
personal devices Security
◦ Bring Your Own Devices.◦ Theft◦ Technology breeches
Productivity Wasters◦ Out dated Technology - Can waste 20 min per day
Viruses, Malware In adequate Internet Pipe Network Design
◦ Outdated telecom systems◦ Wasted time in meetings◦ Unclear expectations◦ Duplicate processes◦ Document Management
17 hrs. of a 45hr work week are considered non – productive (Microsoft Poll)
Non work related activitiesIn 2012 the average time spent on social media sites was 6hrs for males and 8hrs for females per week.
51 % of people ages 25-34 use social networking in the office.
44.7% of 10,000 people polled said that surfing the internet is their biggest distraction.
By 2016 200 million employees will bring their own devise to work.
Breakdown of Cyber Monday Spending by LocationCyber Monday 2012 vs. Cyber Monday 2011Total U.S. – Home & Work LocationsSource: comScore, Inc.
Cyber Monday 2011
Cyber Monday 2012
Point Change
Home (incl. University)
43.2% 47.2% +4.0
Work 50.2% 47.1% -3.1 International 6.6% 5.7% -0.9 Total 100.0% 100.0% N/A
Shopping – Cyber Monday
BYOD - By 2016 200 million employees will bring their own devise to work.
71% of employers allow personal devices
54% of employees use personal devices for both business and personal activities.• Sales Data, Social Media, Project Management, Office Applications, Calendars, Email
Over half of stolen laptops have resulted in a data breach.
Security Concerns
Out dated hardware and software.◦ Can waste 20 min per day
Viruses, Malware Network Design In adequate Internet Pipe Outdated telecom systems Wasted time in meetings Unclear expectations Duplicate processes Document Management
Productivity Wasters
Legal Concerns re: Workplace Monitoring
Ben Himmelstein, Esq.Shareholder at Wong Fujii Carter, PC
Board of Director – Arizona Small Business Association
Computer Monitoring - Generally Very few civil cases where employee sues
employer for breach of privacy – No damages Most employees just quit Comes up more frequently in criminal cases
(child pornography and fourth amendment search and seizure)
Also comes up in cases with public employees working for the State of Federal Government
California’s Constitution provides privacy rights against both private and government entities – most cases from California
Some Factors(1) does the corporation maintain a policy banning personal or other
objectionable use of its computers
(2) does the company monitor the use of the employee's computer or e-mail
(3) do third parties have a right of access to the computer or e-mails
(4) did the corporation notify the employee, or was the employee aware, of the use and monitoring policies
In re Reserve Fund Sec. & Derivative Litig., 275 F.R.D. 154, 160 (S.D.N.Y. 2011) (citing In re Asia Global Crossing, Ltd., 322 B.R. 247, 257 (U.S. Bkrptcy Ct. 2005)
California Standard(1) Employee must possess a legally protected privacy interest –this
includes conducting personal activities without observation, intrusion, or interference as determined by established social norms derived from such sources as the common law and statutory enactment.
(2) The plaintiff's expectations of privacy must be reasonable. This element rests on an examination of customs, practices, and physical settings surrounding particular activities, as well as the opportunity to be notified in advance and consent to the intrusion.
(3) the plaintiff must show that the intrusion is so serious in nature, scope, and actual or potential impact as to constitute an egregious breach of the social norms.
Hernandez v. Hillsides, Inc., 47 Cal. 4th 272, 287, 211 P.3d 1063, 1073 (2009)
What Does All This Mean It is clear that employees have a limited
privacy right depending on certain circumstances (examples to follow)
So, how do you as business owners mitigate any privacy rights they may have in the workplace?
Notice, notice, notice – handbooks, policies, etc.
Examples Hernandez v. Hillside (Ca) State v. MA (NJ) Doe v. XYZ Corp (NJ) Stengart v. Loving Care Agency, Inc. (NJ) Peterson v. City of Mesa (AZ)
Interesting Questions What about private email over workplace
network? What about personal devices brought to
work and used in the workplace? What about cell phones and cell phone
email? Text messages?
Managing Performance
IT HR and Legal considerations of employee privacy and productivity
Using the company resourcesUsing company hardware for surfing the netUsing the companies time to engage in social
media?
Growing trend of BYODUsing personal devices for workEmployees prefer their own technologyHousing company information
Where is the line?
According to The Society for Human Resource Management , security breaches are huge. Millions of devices are lost or stolen each year. And a locate request is sent every 3.5 seconds.
Companies have no control over an employee’s device (or company data stored on it) if law enforcement officials demand that the person turn over their device as evidence, experts said.
What are the risks
The water cooler has movedIt is onlineIt is publicIt is verbalThere are pictures and video
NLRB caseFired for criticizing supervisor on FacebookClaimed that the firing violated an employee's right
to engage in concerted activities.
Monitoring Employee Computer Activities
Compliance and ownership when it comes to data.
Businesses that fall under compliance mandates such as PCI DSS, HIPAA, or GLBA have requirements related to information security and safeguarding specific data.
Those rules still must be followed even if the data is on a laptop owned by an employee.
What is HR’s responsibility
Make sure you have a clearly defined policy for BYOD.
You should collaborate with IT and Legal and agree to lay out minimum security requirements.
Only then can devices to connect to company data and network resources be used
What is HR’s responsibility?
Limit the number of employees who are allowed to use their own devices for work purposes. *Limit the privilege to employees with a “need to know, a need to use, and a need to have” their own devices,
Consider what would happen if an employee left the company with a device with corporate data on it or if their device is lost or stolen.
Consider installing remote wipe software on employees’ devices so sensitive company information can be erased if the device is lost. However, the employee’s consent must be obtained before such software can be installed.
Consider using a “sandbox” on an employee’s device—a separate area where company e-mail, calendar and other functions are stored. The employee would have to enter a separate password to enter this area, and remote wipe software could erase data only in the corporate sandbox.
When determining policy
Prohibit nonexempt employees from answering work related e-mails outside working hours when using their own equipment, companies can avoid being liable for wage and hour and expense reimbursement costs.
Consider restricting employees from using devices such as iPhones that sync automatically with other devices in their homes. This prevents company data from being transferred automatically to other devices.
Make it clear to employees that they should not let family and friends use personal devices that are used for company purposes and should not share or store passwords on these devices.
Require employees to report promptly when a smart device they use for work is lost or stolen.
When determining policy
Productivity Management
Strategies and tools
Do you know how your employees are spending their time?
Do you have duplicate process? Do you have efficient processes?
Information
Knowledge is Power
Activity Monitoring - MyPCReports
Collaboration- SharePoint
WorkFlow
Microsoft Confidential – Presentation under NDA
Telecommunications
Questions?