The Path to Paperless

Are You Spying on Employees?

Better to set a policy for their Internet usage.

By Peter J. Polack, M.D., F.A.C.S.

As medical practices become increasingly reliant on technology, employees have more access to the Internet, giving administrators one more thing to worry about.

How big a problem is this? Cyberslacking is well known in the corporate world — one survey said that as many as 37% of employees admitted to using the Internet during working hours. The New York Times found that 25% of corporate Internet use is unrelated to work. Although it is difficult to say how rampant this problem is in the medical industry, it is becoming more prevalent. Our practice is not immune. We recently dealt with two employees found to be shopping online while on the clock.

Another business had to fire an employee who was visiting porn sites and using the content to sexually harass other employees. But even if your employees use the Internet judiciously, downloading personal data onto their work computers (documents or, worse yet, music files) can cost your practice valuable resources in terms of storage and bandwidth.

Take Steps to Deter Abuse

So what can you do about it? Establish a written and well-advertised policy regarding the use of computers, e-mail and the Internet. It should specifically address everything from not sharing passwords to limiting Internet use and e-mail for official business only. Consequences for violations should also be spelled out.

It is recommended that at the very least you put this in your employee manual. While 90% of businesses allow 'reasonable use of the Internet' while working, according to one study, less than half of those businesses go through the trouble of actually defining what that means. Sometimes, just having a usage policy can go a long way towards ensuring proper behavior. This is also good protection for the practice in case of a lawsuit (as in the case of sexual harassment of one employee by another).

ILLUSTRATOR: MARK HEINE / DEBORAH WOLFE, LTD

Also, become familiar with state privacy laws. Some states, such as Connecticut and Delaware, require that employers inform employees that they are being monitored. California is alone in more restrictive privacy laws. And beware of other issues of privacy as well. In a story from ZDNet, one company had documented an employee's abuse of the Internet and gotten into legal trouble when it distributed that same employee's private health information. Know your rights as an employer. If in doubt concerning a particular issue, consult an attorney who specializes in employment law. Generally, the computers that employees use, as well as their content, are the property of the company. And in a case of a lawsuit against the practice, such as for alleged harassment or discrimination, e-mails can be subpoenaed.

Depending on the size of your practice and the number of employees, it may make sense to use monitoring software. This adds more complexity, and possibly cost, to your monitoring effort. Depending on the level of technical expertise in your office, you may need to employ a networking consultant. While free software solutions are available for monitoring, learning to operate the software may be more difficult than it is worth. OM

Next: Outsourcing your IT needs