A policy should clearly stipulate situations in which an employee should not assume their data and communications are private. Phone calls, texts, emails and social media communications that are transmitted on corporate-owned equipment, for example, are not legally protected. Software and websites that are not required for business purposes may be restricted according to policy or blocked to prevent problems.
It’s also important to specify under what conditions employee data will be disclosed. Those conditions could include situations where the employee had consented, emergency situations and legal situations, such as a warrant or a court order.
Privacy policies should also disclose any employee monitoring systems, such as video recording. While legal in work areas if disclosed, video recording is not legal in other common areas, such as washrooms and break rooms. Within the United States, video cannot include audio recording, which is illegal under wiretap law.