With many businesses shifting to working from home, it is important to consider the effects this shift will have on your data security/privacy and potential liability. Working from home poses a new risk to the preservation of confidential information. Whether you work with protected information under state or federal law, or simply information critical to your business, you should consider consulting a data security expert and at the very least updating your employee handbook to reflect a transition to a work from home environment.
Working from home poses many challenges. Issues pertaining to communication, dissemination of information, and collaboration are some of the most basic challenges. An often overlooked issue is who may be gaining access to your secure information while employees work remotely. Certain data breaches require a report of that breach pursuant to N.H. RSA 359-C:20 or similar breach reporting requirements.
How do you ensure that confidential information is not left out for viewing by a spouse, child, roommate, or guest? How do you prevent unauthorized access to a company computer? How do you ensure documents with sensitive information are being handled appropriately? There is no way to be certain what employees do when working from home, but taking preemptive measures to address how data should be handled will inform employees of your expectations.
Recently, New Hampshire House Bill 1680 of the 2020 Session proposed drastic changes to data privacy similar to that of the California Consumer Privacy Act of 2018 and the General Data Protection Regulation (GDPR) of the European Union. That bill is now in an interim study at the State legislature. The introduction of this bill illustrates the shift of more strict data privacy and security laws to come. While your business may not have a legal obligation to securely maintain data, your reputation is always at risk. In the era of work from home, technological incompetency is no defense. Consider whether your procedures guarantee that information is being handled appropriately.
If you require assistance creating or revising policies or an employee handbook, contact us.