Employee use of company computers can lead to both foreseeable and unforeseeable problems – most of which can be avoided or minimized by developing a comprehensive acceptable use policy (AUP) that makes clear the employees’ and employer’s rights and responsibilities and the rules regarding employee use of company equipment.
An AUP tailored to your company’s needs and practices should address the most common issues faced by employers as well as the unique issues faced by your company, and can prevent conflicts related to:
Creating an Acceptable Use Policy (AUP) for Personal Use of Company Computers
A comprehensive acceptable use policy (AUP) that covers employee use of company computers is essential to ensure that both employee and employer understand when an employee can or cannot use a company computer for personal business, who owns the employee’s personal information found on the computer, and when it is appropriate for the employer to monitor an employee’s activity on a company computer.
Who Owns the Right to Personal Information on Company Computers?
Your company owns the right to all information that is stored on your company’s computer, if this is made clear to the employee in the acceptable use policy (AUP).
For example, you can include a provision in your AUP that clearly states:
Employee Confidentiality and Employer Monitoring
Employers can and often do monitor their employee’s activities when they are using company computers, including:
These notifications can be provided as a part of your acceptable use policy (AUP) for company computers, which should clearly state what activities will be monitored and how and that there is no expectation of privacy when an employee is using a work computer. The AUP should include a written acknowledgment to be signed by the employee.
Appropriate Use of Company Computers
Unauthorized employee use of company computers for personal business can lead to a number of problems that could be avoided by a comprehensive AUP, including loss of productivity, unauthorized use of company resources and supplies, and criminal or civil liability based on the employee’s actions.
Although your AUP should be tailored to your company’s needs, provisions often include requirements like:
A comprehensive acceptable use policy (AUP) for company computers should also make clear what the rules are if an employee is working from home – they could be the same rules, or they can be adjusted based on your company’s needs.
BYOD (Bring Your Own Device)
When employees are permitted or required to use their own devices, there may be additional considerations – for example, the Electronic Communications Privacy Act (ECPA) of 1986 limits what you can monitor on your employee’s personal devices.
Your company should have a BYOD policy in place that details what the employee can expect, what type of monitoring will take place, and what the acceptable uses are for a BYOD computer that is used for company business.
Employer Liability for Personal Use of Company Computers
Another important function of a comprehensive acceptable use policy (AUP) is to limit the employer’s liability for employee conduct whenever possible by 1) clarifying what type of conduct is prohibited and 2) making it clear that the prohibited conduct is not within the scope of the employee’s work duties.
Employers can prevent or minimize civil and criminal liability by including provisions in the AUP that prohibit:
Please feel free to contact one of our Murray Lobb attorneys to obtain our legal advice regarding the development of an acceptable use policy (AUP) for employee use of company computers or employee use of any company equipment. We also remain available to help you with all your general business, corporate, and estate planning needs.