How to Write an Internet Usage Policy
As web-based work and communication become ubiquitous and essential components of an employee’s daily work, it’s more important than ever for businesses to have a strong Internet Usage Policy (also known as an Acceptable Use Policy), both for their own legal protection and to ensure the effective use of company time and resources by employees. A well-constructed IUP ensures that employees follow the policies that preserve the productivity of their work environment and the security of the IT network infrastructure. Without an IUP that is both comprehensive and enforced, businesses risk intellectual property leaks, loss of productivity, IT insecurity, and increased legal liability.
Given the effect of an IUP on both the work environment and the IT infrastructure of a business, drafting an IUP is generally a joint effort between the HR and IT departments. Guidelines and rules should be formulated to educate employees and protect them from work-inappropriate material, malware, and potential legal ramifications, with a clear distinction made between what constitutes “work use” and “personal use”.
While an IUP should be formulated with the specific needs and structure of the business in mind, it should generally contain certain key elements such as:
- Specify that company internet is for business use only and to be used only during company business hours
- All activity on company computers during business hours, including all communications, can be accessed by the employer at any time
- Clearly define what constitutes unacceptable use (i.e. personal social media accounts, games, pornographic websites, etc.) and inform employees of their points of contact for questions regarding acceptable use
- Ensure that employees are informed of the penalties incurred by unacceptable use
- Advise employees against accessing or attempting to access another employee’s computer, stored information, or any information unauthorized by the company
- Advise employees against creating or distributing communications or accessing websites that promote any type of discrimination (i.e. racial or sexual discrimination) or that are defamatory or harmful towards persons or groups
While thoroughness and clarity are important for protecting both the business and its employees, an IUP that is overly restrictive can appear too controlling, deter employees, and even motivate employees to look for possible loopholes. The ideal IUP should strike a balance between establishing clear guidelines and legal liabilities while being flexible enough that employees retain their autonomy. An improperly-drafted or incomplete IUP can lead to lost productivity, lost business, and even the breakdown of the legal relationship or litigation between employee and employer.
As your business grows, it is imperative to focus on human resources concerns in a manner that is legally protected. The team at Doyle Schafer McMahon works with growing businesses to provide consultation that creates policy and procedures that protect both employer and employee. Contact our team today at 949.727.7077 for the advice you need regarding the complex and critical details that must be addressed.