An unprecedented number of organizations have asked their employees to move to remote work in response to the COVID-19 Health Emergency. BC’s privacy legislation requires organizations to keep records containing personal information safe and secure. Many organizations and employees are diligent about information privacy in offices, but haven’t had the chance to turn their minds to maintaining privacy when working from home.
Employees that are new to working remotely might need a reminder to log off or shut down their home computers when not in use; an automatic logoff can help ensure that computers are not accessible when idle. If a personal laptop contains work information, employees should not share the laptop with other individuals including family members.
Many risks inherent to working from home are unavoidable. For example, employers cannot control the security of the network employees use from home; home networks typically are accessible by other users like family, friends and guests. Likewise, workers might be using their personal devices to access their workspace remotely or simply be downloading work documents to their devices; employees should password protect their devices or even create a new account on their existing device solely for work purposes.
Newly remote employees might not be well versed in data security. Employers should remind employees working from home to password protect devices and USBs, ensuring software is up-to-date, and being diligent about using work email accounts rather than personal ones for work-related emails, in order to maintain control over personal data. More details about setting up remote workspaces can be found in a guidance document released by the BC Office of the Information Privacy Commissioner on March 17, 2020.
For employers that already have a work-from-home policy, now is the time to share or re-share it with employees who may not have found it relevant to them in the past.
By Lauren Zeleschuk, Clark Wilson