The United States has no legislation that’s really comparable to the EU Privacy Directive. Instead, various aspects of privacy are covered by separate rules. For example, the healthcare industry is bound to comply with HIPAA. Information collected by federal agencies is subject to the Privacy Act of 1974. Financial institutions are each governed by different regulations.

Federal Workplace Privacy Law

The only Federal law addressing workplace privacy for both public and private sector employers is the Electronic Communications Privacy Act of 1986 (ECPA). This Act prohibits employers from intentionally intercepting electronic communications. Basically, if the government can’t wiretap someone without a warrant, then it’s not OK for employers to do it.

However, this privacy law doesn’t provide much protection in practice. Employers do have the prerogative to read emails or listen to conversations for legitimate business reasons. One such reason might be a simple suspicion that the employee is violating a workplace policy regarding appropriate use of technology. This kind of case can go either way if it winds up in court – as we’ve seen in recent years.

The other big loophole is based on the idea of implied consent. If an employee is advised that communications may be monitored, it may be implied that he or she consented to even highly intrusive monitoring by the employer. This is not a guarantee that simply notifying the worker will make the monitoring legal. However, most employers who have an information technology policy signed during new hire onboarding do include a notification clause about monitoring of all company equipment.

What Might the Future Hold?

So far, efforts to pass more stringent protections for workplace privacy have failed to make it out of various Senate committees. Ironically, it may be the judicial branch of the government that sets things in motion for the next phase of workplace data privacy. In 2001, several federal court judges became very agitated when they discovered that their internet communications were being monitored by staff responsible for maintaining the computer system. You can imagine how well that went over!

As always, Emerald Software Group will be “monitoring” any regulations as they develop. Our goal is to ensure that Universal Onboarding and our other applications are in compliance with the law and promote best practices for both public and private employers.

Advertisements