Policies also need to be clear from a privacy standpoint. “You need to make sure your privacy policies are up to date, and they speak clearly and completely as to what your data collection practices are,” he noted. And, of course, companies should consult an attorney as they draft their policies.
Ornstein adds that just formulating and disseminating a policy isn’t enough.
“One key practice we’d recommend…is that the people...who are responsible for implementing these policies are themselves properly trained and aware of the legal issues surrounding monitoring and surveillance,” he says.
Once an employer has come up with an acceptable-use policy that takes privacy and legal concerns into consideration, it can then implement monitoring tools.
Enforcing social media policy is critical. A company’s confidential information can be compromised in a mere second, and once posted to the Web, it can live forever through screen shots and other types of data collection, Adler noted.
Ornstein seconds Adler’s viewpoint, noting that “it’s the permanent transferability that spreads like wildfire and that I think creates issues we’ve seen before but on a scale that we’ve never seen before.”