Privacy practices for employees working from home

Privacy breaches give rise to significant risk for organizations and their employees. Many privacy breaches also arise from simple carelessness. The following recommendations are intended to help support prudent privacy practices when employees work remotely from home.

  • Keep laptops, smart phones, flash drives and other mobile devices secure. The loss or theft of any such devices is one of the most common causes of privacy breaches.
  • Conduct telephone calls to discuss employment or other matters involving personal information or confidential business information in private and outside the earshot of others.
  • When using a home computer that is shared with others in the household, ensure that you limit access to files containing personal information or confidential business information. Keep passwords secure.
  • Avoid printing or downloading files locally to devices. Whenever possible login in to VPN or secure networks and create and store sensitive documents on the office network.
  • If you must download and locally store any personal information, learn how to encrypt these files.
  • Personal email accounts may not be secure and should not be used to transfer or transmit sensitive information.
  • Exercise diligence in relation to your home security (e.g. lock doors and cabinets, activate alarms when away from home). Mobile devices and hard copies of records or files containing sensitive information must be physically secured.
  • Wi-Fi networks in public spaces (e.g. coffee shops, libraries) may not have secure connections.  Ensure you are using private networks that are secure or other secure alternatives.
  • Ensure that paper records and electronic records are securely destroyed when no longer needed. Sensitive personal information should ideally be cross-shredded and electronic files securely wiped from device memory.
  • Don’t use cloud based services to transmit, modify or access work files without first seeking approval from your employer. It is important that the use of cloud services be properly vetted for privacy and liability risks.

If you have questions on how best to deal with privacy issues as your organization begins to work remotely, contact Suzanne Kennedy.

Note to our Readers: Information regarding COVID-19 is rapidly evolving. We are working to bring you up-to-date articles as the legal issues develop and to keep our previous posts updated. Given that the legal issues related to COVID-19 are constantly changing, if you are looking for legal advice or are dealing with an issue in relation to COVID-19, please contact your Harris lawyer or a member of our COVID-19 response team: Sari Wiens, Ilan BurkesNicole Toye or Jessica Fairbairn.

To read our most recent articles and other updates on COVID-19, visit our COVID-19 Updates page.