While technology continues to evolve — and its use in the workplace grows — one fact of strategic compliance management remains unchanged. Best practices always have — and always will — call for the establishment and enforcement of e-policies designed to manage employee behavior, mitigate employer risks and maximize compliance with legal, regulatory and organizational rules.
All organizations, regardless of size or industry, should establish and enforce effective e-policies governing email, texting, instant messaging, social media, blogs, mobile devices, the web and other communication and collaboration tools. Through the development and implementation of a strategic e-policy program, combining effective policies with comprehensive training and best-in-class technology solutions, employers can reduce the likelihood of workplace lawsuits, regulatory fines, security breaches, privacy violations, records mismanagement, productivity drains and other costly risks.
Guidelines for Creating Effective E-policies
- Update e-policies for onsite, remote and hybrid employees. With so many employees working remotely, you can’t afford to leave communication rules to chance. Best practices call for updated e-policies that govern onsite, hybrid and work-from-home staff. Whether using employer-provided or personally owned systems, sites, accounts and devices, e-policies apply. Use training to emphasize that e-policies apply 24/7/365, regardless of whether one is working at the office, home or elsewhere.
- Use clear, specific language that is not open to individual interpretation. It’s not enough, for example, to allow employees limited personal use of company computer resources. To some, that may mean countless otherwise-productive hours emailing friends and texting family. However, to the chief executive officer, it may mean 15 minutes of essential personal communication conducted before and after regular working hours. Effective e-policies should spell out exactly how much personal communication employees may engage in, with whom, under what circumstances, for how long and during what periods of the day. That’s the type of clarity and specificity best practices demand.
- Incorporate content rules into e-polices. When it comes to electronic communication, the difference between disaster and compliance often is a matter of content. Racially insensitive, gender-biased, obscene, hostile and otherwise offensive or illegal comments can warrant lawsuits and turn off employees, recruits, customers and the community. Prohibit the use of crass or offensive language in content shared in the workplace. Incorporate content rules into e-policies to ensure employees support (rather than sink) your commitment to operating in a lawful, professional culture, free of harassment, discrimination and incivility.
- Define key concepts and terms. Don’t assume employees are familiar with or understand key concepts and terms including “confidential,” “business record” and so on. If you use potentially confusing words in e-policies, provide definitions within the text or a glossary of terms at the end.
- Write in plain English. Maximize readability, understanding and compliance by writing in plain English. No “legalese.” No “gobbledygook.” No acronyms that may confuse readers. The purpose of policy is to establish rules and enforce compliance. E-policies must communicate with employees, not confuse them. To that end, adhere to the ABC’s of effective policy writing:
- Accuracy: Present reliable, trustworthy, on-the-target information and rules.
- Brevity: Increase the odds of employees reading, remembering and adhering to rules by writing separate policies for each communication tool. Keep e-policies short, simple and straight to the point.
- Clarity: You cannot expect employees to decipher policies that are riddled with grammar goofs, punctuation problems and spelling slipups. Make it easy for users to read and comply with policies.
- Secure legal sign off. New and revised e-policies should undergo legal reviews to ensure compliance with laws and regulations. Legal sign off will help put your organization on firm ground in the event of a workplace lawsuit or regulatory investigation.
- Support e-policies with training. Once e-policies are approved by legal, it’s time to educate the workforce. Make e-policy training mandatory for everyone who uses communication and collaboration tools to communicate on behalf of the organization.
- Enforce e-rules with tech tools. Take advantage of federal law and monitoring technology to enforce e-policies. Use policy and training to inform employees that management intends to exercise its legal right to monitor computer activity and content at any time and without notice, in order to protect the privacy of information and the integrity of the organization’s assets, reputation and future.
- Apply the three E’s of policy compliance (1) Establish effective, up-to-date e-policies for your organization and training department; (2) Educate employees about electronic risks, rules and requirements; and (3) Enforce e-policies through a combination of disciplinary action, training and proven-effective technology solutions.
Ultimately, lawsuits can negatively affect a company’s brand and image, thus spoiling the trust from their workers, customers and communities. Setting clear guidelines and behaviors for your company to adhere to can prevent workplace litigations and regulatory investigations, and as a result, ensure the maximization of legal compliance in a safe and productive work environment.