Employees in the dark about data retention policy
Enterprises are increasingly bound by legal and compliance requirements to retain information and communications.
Yet a new study reveals that over half of office-based employees say their companies don't have written policies on data retention or personal use of work devices, or if they do, they aren’t aware of them.
The study conducted by Harris Poll for e-discovery company kCura reveals communication habits that could put organizations at risk of incurring increased data retention and discovery costs in today's increasingly litigious business environment.
"With so much data to organize, risk and costs can -- and do -- get out of control very quickly," says David Horrigan, e-discovery counsel at kCura. "Complete bans on the personal use of work devices would be difficult -- if not impossible -- to implement, and could be harmful to employee morale. However, companies do need to implement reasonable policies to mitigate risk."
The results reveal that 63 percent of employees don't believe their companies have policies on email retention or checking personal email and other accounts at work, or if they do, they don't know about them. A slightly better 56 percent say the same about written social media policies.
An overwhelming majority of employees (70 percent) also admit to using email and mail folders in their inbox as filing systems on the job – a habit that makes it more difficult for enterprises to implement email retention policies without disrupting business.
Although 98 percent of employees surveyed say privacy is important to them, they still engage in communications habits that put their privacy at risk. For example, 60 percent have carried out activities such as sending personal email or posting on social media on a personal device connected to company WiFi.
Work email is used at least sometimes to send or receive personal/non-work related communications by 38 percent, while 28 percent sometimes or often use a work device to chat online with friends using services like Skype, Google Hangouts, or Facebook Messenger. Employees also use work devices for personal conversations too, 32 percent with their doctors, 28 percent with financial advisers, and 18 percent with lawyers.
"Laws surrounding employee privacy are still developing," adds Horrigan. "To protect themselves, employers must implement clear policies defining employees' expectation of privacy at work. For employees, the best bet is to keep work and personal communications separate. If you're wondering whether a certain communication or activity will remain private, you should assume that it will not."
The full report, Big Data from Employees Leads to Big Risk for Employers is available on the kCura Relativity blog.