Expert Proffers Solutions to Tackling Data Privacy Challenges
By Emma Okonji
The Regional Manager, Africa, Zoho Corporation, Andrew Bourne, has listed measures organisations could adopt to address data privacy concerns in the workplace, while maximising employees’ trust.
According to him, as businesses look to overcome the challenges of 2020, they would have a number of goals in mind.
For some, it will be about survival while others will work towards rebuilding and reversing any losses they might have made in 2020, he said.
He, however, said whatever state a business would find itself this year, it cannot afford to ignore data privacy as a key priority, especially now that global and local news networks are covering online privacy quite extensively.
“If a business really cares about having a successful 2021, it needs to prioritise data privacy as its number one focus. Doing so won’t only help businesses side-step some of the issues and expenses associated with data breaches, it will also help increase brand confidence among customers, employees and other stakeholders,” Bourne added.
Bourne explained that safeguarding employee privacy was becoming critical in a world that is going all-digital, in order to cater to an increasingly mobile and highly distributed workforce.
According to Bourne, a recommended step for a privacy-first approach was in making sure that employees’ personal information are stored in a secure, encrypted server, adding that aside from that, other basic practices that organisations can follow to ensure secure handling of employees’ personal data include critical measures like constantly communicate and ensure that employees are always in the know, “when onboarding new employees and whenever changes are made to policies, employers should clearly spell out their data collection and monitoring practices. Businesses should require employees to review the policy and also consider posting a detailed ‘privacy notice’ on internal forums for quick reference.”
Bourne said if organisations’ recently instituted COVID-based health and wellness programmes include the additional collection of new datasets like travel history and family health statuses, then the general consent proffered by the employment contract might not suffice. He advised organisations to plan beforehand and try to obtain specific consent from employees through advance notices.
Other measures include conducting privacy impact assessments for
third-party technologies, “as we become more reliant on third-party video conferencing tools and remote collaboration applications like Zoom, Slack, Google Meet and Microsoft Teams, it becomes necessary to reevaluate the vendors’ privacy policies and understand how these platforms handle your employees’ data.”
“In most cases, the long-winded privacy statements never give us a clear picture of what the tech giants do with the collected data or if they employ safety measures such as end-to-end encryption and host-proof hosting,” he added.
Another measure, according to Bourne, would be to deploy employee monitoring tools judiciously.
“Remote working has sparked an ethical debate about whether employers should use remote monitoring software to supervise workforce productivity levels. Today, we have tools that randomly take screenshots of employees’ device screens and even monitor how much time they spend on certain websites,” Bourne said.
According to him, while it is vitally important to know what is going on in business, using potentially invasive monitoring tools to measure work hours or monitor background activity doesn’t instill confidence or trust in employees. It’s not a perfect metric to measure productivity and work effectiveness.
Instead, consider quantifying workforce performance based on output quality and timely accomplishments and for any form of monitoring, it always is best to provide your employees with an opt-in before execution, Bourne said.