A recent survey finds that some U.S. companies employ workers to personally monitor employee e-mail and that more than one-quarter of surveyed companies have terminated employees for e-mail policy violations.
By Barbara Worthington
Outbound e-mail and other electronic communication protocols continue to pose significant risks for U.S. companies, according to a recent survey by Cupertino, Calif.-based Proofpoint. The survey of 308 e-mail decision-makers at large companies showed increasing concern regarding leaks of sensitive information via outbound e-mail and other electronic communications devices.
Among companies with 1,000 or more employees, more than three in 10 (32 percent) indicated they hire staff to read or analyze contents of outbound e-mail. Of companies with more than 20,000 employees, almost four in 10 (39 percent) employ staff for the same purpose.
The average among all companies surveyed was 17 percent.
The impact of e-mail misuse on companies is significant, according to the survey. More than one-quarter (26 percent) reported that business was affected by the exposure of sensitive or embarrassing information in the last year. More than one-third (34 percent) investigated a suspected e-mail leak of confidential or proprietary information.
Among the largest organizations, with 20,000 or more employees, nearly three in 10 (29 percent) reported that employee e-mail was subpoenaed in the last 12 months.
"Generally, companies should have a good reason to monitor broadly in that fashion, such as a serious internal or client confidentiality risk," says labor and employment attorney Gregg Lemley, a partner at Bryan Cave LLP in St. Louis.
Lemley says the need to monitor employees' e-mails "depends upon the type of company. If you are housing protected health information, consumer-credit information or the formula of the next big inventions, then 'yes' [companies should consider such a process]."
It's essential, however, he says, for companies to "communicate clearly with employees what kind of monitoring you will or may be doing and make absolutely clear that they have no right of privacy in their e-mail systems, or anything else you intend to monitor."
Employees should also be warned of potential consequences related to policy infractions, he says.
Modern technologies, such as instant messaging and camera phones, make it even more difficult for companies to track data leaks and purloined information. "Extensive background checks for security-sensitive positions can help," Lemley says.
However, e-mail remains a primary source of information leakage, according to the survey. Respondents estimated that nearly 20 percent of all outbound e-mail poses a legal, regulatory or financial risk. More than one-third of companies surveyed admitted to having investigated a suspected e-mail leak of confidential or proprietary information in the past 12 months.
Nearly half (46 percent) of companies surveyed have disciplined an employee for violating e-mail policies in the past year. And more than one-quarter (27 percent) have terminated an employee for a violation in the past 12 months.
Companies need to protect against lawsuits brought by employees when termination follows monitoring of employee e-mails, according to Lemley. "Privacy invasion torts are the most likely vehicle" for employee recourse against a company, he says, adding that's the reason "it's so important to have a good policy."
Newer communications vehicles, such as YouTube, MySpace and FaceBook, pose problems to companies as well. Such Web sites provide increased opportunities for information dispersal.
Among those surveyed, 14 percent of companies have disciplined an employee for violating social-networking policies during the past year and nearly 5 percent terminated an employee for such a violation. About one in 10 (11 percent) companies have disciplined an employee for violating media-sharing policies, with 7 percent terminating an employee for such a violation.
Other communications channels of growing concern among respondents include blogs and peer-to-peer networks, which Wikipedia describes as a network between participants instead of a conventional centralized server resource. One of the earliest peer-to-peer networks was the Usenet news-server system. Survey respondents said peer-to-peer networks were their No. 1 source of concern for information leakage via non-e-mail channels.
In the past 12 months, 21 percent of respondents said they had investigated the exposure of sensitive information via blog or message-board postings. Such infractions resulted in termination at 9 percent of companies surveyed.
Lemley emphasizes the importance of incorporating policies designed to address each aspect of employee communications use and activity.
"If you haven't made clear your propensity to monitor, or the consequences, or if you single people out without legitimate reason, you open yourself up to discrimination or retaliation claims," he says.
Tuesday, 7 August 2007
Monday, 6 August 2007
Practitioners to focus on CSR and ethics at annual IIRME PR Congress
As Dubai becomes “cleaner and greener” public relations practitioners are taking a good hard look at the part they play in promoting sound ethical practices and more community and social responsibility (CSR) activity.
Both topics are high on the agenda at IIR’s Public Relations Congress 2007 to be held at the Jumeirah Beach Hotel from October 28 - November 1.
IIR Middle East senior conference manager Jennie Bishop says it is clear that Dubai is moving into a new phase where environmentally friendly practices are becoming an integral part of most developments.
“Companies are now realising that what they do can have both positive and negative effects on people as well as the environment and that they need to become more CSR-focused.
“PR consultancies have to remind their clients that CSR is not charity, but more about creating a better legacy for their children and grandchildren by using resources wisely and developing in a sustainable way,” she said.
But one of the challenges that clients and their PR consultancies face is convincing the media that CSR is not just being used as another “sales tool”.
One of the panel discussions at the Public Relations Congress 2007 is aimed at helping practitioners make a clear definition between their client’s standard promotional activities and what they are doing in CSR.
PR ethics are the subject of the keynote address at the congress, with International Public Advertisement
Relations Association (IPRA) President Philip Sheppard to update the delegates on best ethical practices in the US and Europe.
“There is an increasing global need for trust,” Jennie says, “and many of the case studies being presented at the congress will build on this theme.”
IIR Middle East’s Public Relations Congress 2007 has established itself as a highly strategic and informative event and is the region’s premier annual conference for PR professionals. This year the event has two Gold Sponsors, Asda’a Public Relations and Cicero & Bernay.
The two-day congress will be preceded by the Cicero & Bernay - sponsored ‘A Day with Alastair Campbell’, and followed by two days of interactive workshops
Both topics are high on the agenda at IIR’s Public Relations Congress 2007 to be held at the Jumeirah Beach Hotel from October 28 - November 1.
IIR Middle East senior conference manager Jennie Bishop says it is clear that Dubai is moving into a new phase where environmentally friendly practices are becoming an integral part of most developments.
“Companies are now realising that what they do can have both positive and negative effects on people as well as the environment and that they need to become more CSR-focused.
“PR consultancies have to remind their clients that CSR is not charity, but more about creating a better legacy for their children and grandchildren by using resources wisely and developing in a sustainable way,” she said.
But one of the challenges that clients and their PR consultancies face is convincing the media that CSR is not just being used as another “sales tool”.
One of the panel discussions at the Public Relations Congress 2007 is aimed at helping practitioners make a clear definition between their client’s standard promotional activities and what they are doing in CSR.
PR ethics are the subject of the keynote address at the congress, with International Public Advertisement
Relations Association (IPRA) President Philip Sheppard to update the delegates on best ethical practices in the US and Europe.
“There is an increasing global need for trust,” Jennie says, “and many of the case studies being presented at the congress will build on this theme.”
IIR Middle East’s Public Relations Congress 2007 has established itself as a highly strategic and informative event and is the region’s premier annual conference for PR professionals. This year the event has two Gold Sponsors, Asda’a Public Relations and Cicero & Bernay.
The two-day congress will be preceded by the Cicero & Bernay - sponsored ‘A Day with Alastair Campbell’, and followed by two days of interactive workshops
Subscribe to:
Posts (Atom)
