Skip to main content

Employees' Mobile Devices Expand Your GDPR Liability: Here's How

blog GDPR liability mobile devices
While allowing your employees to answer work emails on their smartphones may seem like a harmless (or even beneficial) offering, research revealed this practice can actually cause increased liability concerns under the GDPR. Indeed, industry experts discovered in a recent survey that 61 per cent of UK workers use their personal devices to answer work emails or continue working out of office when they get home. However, 46 per cent of workers also admitted they were unsure of how the GDPR affected their personal mobiles. 

Without proper risk management, permitting employees to use personal devices for work opens the door to a wave of additional cyber-security concerns. And if your business suffers from a data breach at the hands of an employee’s personal device, your directors and officers, senior managers or even data protection officer (if you are required to have one) could be held liable on account of negligence. 

If you allow Bring Your Own Device (BYOD) at your organisation, consider these GDPR compliance tips to avoid a personal device disaster: 

  • Conduct mandatory GDPR training for all employees, regardless of seniority or department. Include detailed guidance on personal device use to ensure your staff is aware of how to keep both their own data and customer data secure on any network or device.
  • Communicate regularly with the IT department to make sure that all BYOD risks are being controlled and data is kept secure.
  • Implement a BYOD policy that stays compliant with all applicable guidelines in the GDPR. Be sure to enforce this policy and establish strict consequences if an employee fails to meet the requirements.

For more guidance on insurance solutions, such as cyber-cover and D&O insurance, contact ICB Group today.

T: 01784 608 100

The content of this Profile is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly.

© 2019 Zywave, Inc. All rights reserved.