The COVID-19-driven work-from-home trend may continue long after health risks are mitigated. For example, a survey conducted by Mercer indicates one-third of employers expect that at least half of their employees will work remotely in the post-COVID era, though not necessarily every day of the week. The increase in remote work requires organizations to evaluate and mitigate the risk of intellectual property (IP) loss. Use the steps below to keep your information secure.
List Your Intellectual Property
Start by taking inventory of your IP and trade secrets, including:
- Trademarks
- Patents
- Trade secrets
- Copyrights
- Customer lists and profiles
- Product and service prices
- Marketing plans
- Corporate financial information
Establish a Policy
Establish a clear data privacy policy and then disperse it to your workforce. Your training program should be robust, not just provide a cursory section in employee onboarding. Also, the more precisely that confidential information is defined, the harder it is for a wayward employee to claim ignorance if caught sharing it with competitors.
From a legal perspective, if your policy stipulates that data privacy violations will be punished, it might not hold up in court if you haven’t taken measures to protect the data.
Here are several proactive steps to consider:
• Document privacy policy acceptance. Once you have finalized your written privacy policy, require employees to sign a statement acknowledging that they have read it and accept its terms.
• Segment data access. Most IP assets don’t need to be shared with all your employees. Carefully think through who needs to know what to perform their jobs, and limit access accordingly. You can start with a minimalist approach, then grant access to more sensitive data as the need arises.
• Educate, educate, educate. When working from home, employees may be more vulnerable to theft of sensitive information on their computers by hackers than they are when working onsite. Ensure that employees are trained how to minimize the risk of cyber-theft, such as creating strong passwords, knowing how to recognize phishing schemes and so on.
• Technology solutions. Virtual private networks, encryption systems and other tech-based data protection solutions are essential to help ward off external and internal threats. IT tools limit how employees can share information, plus computer use monitoring systems can discourage improper employee activities online.
• Beyond legalistic and technology-based strategies, think about possible social factors that could lead to employee misdeeds or sloppiness when it comes to proprietary company information. When employees work for extended periods in isolation from their peers, esprit de corps and discipline can evaporate — along with productivity. Combat that alienation by creating routine employee virtual gatherings and even social events that foster a team spirit and loyalty to your company.
Final Thoughts
Work-from-home arrangements can make your company more vulnerable to IP theft and loss. However, a combination of these approaches can limit, if not eliminate, that risk. A robust data protection plan may take time to implement, but it’s well worth the effort over the long run. Contact a Hantzmon Wiebel advisor today for more information on how to keep your organization’s information secure.
Contact Us
© Copyright 2020 Thomson Reuters.
Disclaimer of Liability
Our firm provides the information in this article for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal or other competent advisors. Before making any decision or taking any action, you should consult a professional advisor who has been provided with all pertinent facts relevant to your particular situation. Tax articles in this blog are not intended to be used, and cannot be used by any taxpayer, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided “as is,” with no assurance or guarantee of completeness, accuracy or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability and fitness for a particular purpose.
Blog
Nonprofit Insights