Social media has introduced a host of complicated, new issues into the workplace arena for HR professionals – and one of these is the protection of company information and data when social media is involved.
A recent study by the Ponemon Institute found that some 60% of employees who quit, or were made redundant, took company information with them when they left the company – even if their contract forbade it. While the most common thefts were email lists, non-financial business information, customer contact lists and employee records, 16% took financial information with them.
Increasingly, employees feel entitled to information they create on the job, Larry Ponemon from the Ponemon Institute said. “An increase in mobility in the workforce means many employees don't have a lasting relationship with their employers… As you have more employees working from remote locations and on home computers, the concept of who really controls this data isn't often clear to people.”
Some similar, but additional, issues to arrive with the growth of social media and its use by companies themselves, is the accidental employee disclosures of confidential or sensitive company information, and intellectual property issues. The latter issue is perhaps the most complex. For example, if an employee has built up a social media network of contacts for work purposes are those contacts the property of the individual or the company?
This is particularly relevant for recruiters. Can an employer claim an employee’s social media contacts when the employee leaves the company? These questions are being debated in law courts globally. In the US, the courts have determined that contacts, followers and friends in social media are not protected trade secrets or confidential customer lists – the reason being that they come and go and change frequently. US-based employment attorney Heather Bussing wrote on industry website HR Examiner: “While there is always some value in connections and social media contacts, it tends to be personal to the people involved. The connection often is obscure and has little to do with something the employer can claim is important and valuable. The employer would have to be able to show that it would be harmed if the employee left with it.”
In a recent article, the US-based Information Law Group reported that a New York court had ruled that trade secret protection was unavailable for a company where customer list information could be easily found using sites like Google and by viewing LinkedIn profiles. The Information Law Group claimed that, if a company allowed an employee to publicly display their work-related social media contacts, it could be argued that company had failed to maintain its confidentiality and thus lost its trade secret protection.
The article added that, in the security context, a significant part of minimising social media risk was educating and training employees and providing guidance on how to avoid or minimise it [the risk]. “Ultimately, however, like social media itself, it comes down to people – risk can only be addressed appropriately if the individuals using social media are equipped to identify and mitigate against it,” the article concluded.
Some useful social media risk minimisation tips for HR:
It is essential to understand the social media environment and how the various social media platforms work. The unique characteristics of a particular social media platform may present risks specific to that platform.
Companies should ensure they have implemented a [regularly updated and widely communicated] social media strategy and accompanying policies – which addresses specific risks like confidentiality of information, data security and intellectual copyright.
Because of common contract clauses banning employees from taking data after they leave, there are usually legal avenues to pursue should the need arise, but a bit of prevention can prevent a lot of pain.
Network access should always be kept up to date, and departing workers should be assessed to ensure they understand their obligations and the consequences for themselves and their new employers if they’re caught taking data with them.
If necessary, install technology solutions that allow for the monitoring and tracking of social media usage by employees.
Look out for future legal commentary on this rapidly evolving and developing area of workpplace law on HCA Online.
Loyalty out as job hopping becomes the new norm
Employers caught between a rock and a hard place
HC magazine launches on iPad
Mental health not on the corporate risk radar
Spotlight on counter-productive workplace behaviours