h1

Employees Pose Risks To Your Company

Your employees are the life blood of your company.  They perform a multitude of tasks from bookkeeping to development of new products, from service to sales, and you wouldn’t have a company if it were not for them, right?  Absolutely, but in addition to being a key asset, your employees can present potentially serious risks to your company.  Some are obvious, and some are not, but the key is to understand these risks and how you manage and reduce the overall exposures.

 

Employee dishonesty is probably the most obvious employee related risk exposure.  Theft, computer fraud, and forgery are just a few of the employee crime-related problems businesses face.  You have to continually be monitoring your financials, your inventory, and conduct independent audits of your company’s financials.  Additionally, you should consider background checks on potential new hires.  In general, you must keep clear sight of your company to be on the lookout for unusual activity, which is missed more often than one would think.  You can also have a third party crime exposure if your employees are working at your client’s premises and/or have access to the client’s financial systems or other sensitive data.  There have been many stories over the years of employees devising new ways to embezzle funds and valuables from their employers and clients, and we have certainly not heard the last of it.  Humans are a creative race.

 

One area of risk that is now front in center in the business world is employment related claims such as sexual harassment, discrimination, and wrongful termination. It happens more often than you think, considering the fact that few cases ever make it to trial and the proceedings are usually kept confidential.  Your company must have a carefully written employee handbook based solely on what is required by law that clearly defines your company’s policy on conduct.  You must also have a clear understanding about the use of appropriate job applications, how to conduct interviews, and stay updated on federal and state employment related statutes among other things. This is an ongoing and far reaching task that should be handled by someone in your organization on at least a part time basis.  If not, you may need to seek the help of an outside vendor to keep your company current.

 

With the continual emergence of innovation in the technology and life sciences sectors, there is another employee related pitfall that threatens.  Intellectual property is the single most important asset of these companies, and without reserved IP rights, the company has little or no value.  To protect these rights, the first step is to consult with an experienced IP attorney to navigate the patent process and outline other IP management strategies.  This will include having employees sign employment agreements to deter them from taking IP and other trade secrets should they leave the company at some point. These agreements will also confirm that any inventions that the employee develops while employed by the company are owned by such company, and that any trade secrets learned will not be shared with anyone.  Of course U.S. patent law dictates that inventions developed by an employee are considered property of the employer, but the employment agreement simply helps to deter expensive legal challenges and misunderstandings in the future. Diligent care to protect trade secrets is important for obvious reasons, but more importantly to demonstrate that the trade secrets are truly secret and are not meant to be “available” to the general public.  This is important, because if you are alleging theft of trade secrets by an employee in a court of law, you will be required to demonstrate that you treated it as important and secret, and that it had value in not being available to others.  Sensitive materials should be accessed by as few people as possible, and stored with a high level of security.  There are many strategies for keeping intellectual property safe, and many are rooted in common sense thinking.  Again, consultation with an experienced IP attorney is key.

 

The other side of employee related intellectual property risk is vicarious liability arising out of acts committed by your employees. For example, when a company hires an employee from another firm, that new employee could bring trade secrets or specific intellectual property garnered from their ex employer.  If the new employee uses this knowledge or intellectual property for the benefit of your company (or their advancement) without your knowledge, you could be sued for intellectual property infringement, unfair business practices, or theft of trade secrets.  You may argue that it was in fact the employee that committed these acts, but it will be your legal obligation to prove that the employee did so without your knowledge.  Employees’ undisclosed use of open source code software poses a similar risk.  Using open source code without knowing which license is associated with it can open up intellectual property infringement claims.  A company policy that clearly defines the use (or non use) of third party intellectual property and open source code is a good idea that at least lets the employees know the guidelines.  Additionally, the use of third party development management software can help to identify possible open source violations, rogue “back door” coding, and other policy breaches by employees.  Again, keeping clear sight of your company’s operations and procedures is a common sense strategy to identify potential infractions.

 

Another area of concern is employee’s use of company systems and the internet.  Productivity deficiencies associated with employee’s use of the internet for non-work activities have been well documented and estimated costs vary.  In addition to the productivity issue, other problems arise such as the introduction of virus and malicious code to your network.  This can cause direct damage to hardware, corrupt valuable files, and expose your company to a data breach.  Furthermore, the consequential loss in addition to the direct damages may extend to the interruption of your business, resulting in lost revenue.  Depending on the data compromised, a data breach can expose you to state and federal statutes, which could have your company paying to notify third parties of their exposure, ongoing costs to monitor their credit, and other hefty expenses.  TJX, Hannaford, and Choicepoint are examples of large company data breaches, but many similar incidents at smaller companies never show up on the six o’clock news, so take no comfort in the thought that it only happens to big companies.  Also, an employee’s use of the internet at work for viewing pornography and insensitive content can result in sexual harassment claims if another employee is either accidentally or intentionally exposed to such content. 

 

With the advent of Social Media, a new employee related internet risk has been created.  Irresponsible blogging by employees can result in libel allegations if the employee posted the blog while at work, as you can be held responsible for actions of employees while in your employ.  Employees posting comments about ex-employers or competitors are examples of what can cause defamation allegations.  This is a developing issue that will take many years to play out, but it is a good idea to tread carefully in the meantime.  I have gone into more depth about this in another white paper on this site should you wish to understand these issues in greater detail.

 

Reducing risk exposures from employee’s use of company systems starts with your employee handbook, which should include your company’s policy on the use of company systems and the internet, and the ramifications of breaching the policy.  Network security utilities such as firewalls and anti-virus software must be deployed and updated on a regular basis.  It may also be appropriate to evaluate other third party network security products that can help to determine your network vulnerabilities and identify possible solutions.

 

The employee related risk exposures that I have outlined can be managed and reduced, but if Murphy’s Law has anything to say about it, losses will happen.  Insurance coverage is available to a varying extent for most of these exposures, and many are cost effective.  The premiums will depend on a plethora of underwriting criteria, including your ability and demonstrated willingness to control and reduce your exposures.  Generally speaking, insurance premiums are basically derived by an underwriter’s perception of how much risk is being taken on by the insurer.  Conversely, the lower the risk is perceived, the lower your premium will be.  Of course, if you manage your risk to the point that you feel that you can retain the risk yourself, then that is a decision that you have to make.  Regardless, if you have a clear understanding of the risks your employees pose to your company and take steps to control them, your business will be better off to begin with.

 

IMPORTANT NOTICE: The information presented here is for informational purposes only and should not be relied on as legal advice.  No one should act or refrain from acting on the basis of the information provided but should instead seek the appropriate legal advice on the particular facts and circumstances at issue from a properly licensed attorney.