You’ve probably grown tired of hearing the words “adjusting to the new normal.” Unfortunately, though, there’s really no other way to say it. This pandemic has permanently changed our work environment, whether you’re already back in the office or remain in quarantine for several more weeks. We must create a new normal for how we work, manage network security, and maintain productivity across a more widespread team.
For example, a client earlier this week asked with their employees working from home, how are they supposed to ensure HIPAA compliance? What if someone innocently leaves the computer screen open, or takes a note with a patient’s name and walks away from the notebook? Here’s how we recommend redefining work parameters to create the greatest opportunity for compliance and security in all work situations.
1. No personal systems. If you allow your staff to utilize their personal systems to work, store company data, and interact with customers, you’re just asking for a data breach. First, you have no control over that system. You can’t log in to perform updates, ensure it has the latest virus definitions, or wipe it if they left the company or were terminated. Second, they are probably not running the strongest virus protection, intrusion prevention, and monitoring. Supply systems that meet minimum standards. Some companies have sent employees home with their work equipment. As long as it’s properly documented, this is a safer bet than letting someone go rogue (intentionally or unintentionally) on an un-managed personal machine.
2. Clear Expectations. Set clear expectations for their work setup and communicate clearly. For example:
· Can they utilize their cell phone for business calls or do they need a VoIP/softphone tied into your network?
· How often do you expect them to check in on a daily basis?
· If you can’t get a hold of them immediately, how long do they have to respond?
· Can they attend meetings via phone, or is video required?
· How do they connect to your secure information? VPN? Firewall?
3. Signed Employee Agreement. Whether you expect remote work to be a temporary situation or believe it’s a permanent shift, put in place a clear remote worker agreement. It should lay out all of the expectations that we listed above. If you’re expecting employees back in the office, reiterate the temporary nature of the arrangement. If it’s a trial, state that. Working from home is one of those things that seems really appealing at the beginning, but depending on the worker, it may or may not be effective. As the employer, you want to maintain the option to bring them back into the office, if necessary.
4. Regular Communication. We recommend having a scheduled touchpoint – video, phone, email recap, something that is scheduled and required for each and every employee, whether they’re on-site or remote. You cannot underestimate the power of water cooler conversation throughout the day, so you need to find some way to replace that in order to keep your employees engaged and effective.
5. Effective Administration. Ultimately, adapting to this new normal is all about effective administration. Have the right policies in place, communicate the standards and expectations, follow-up with your employees, partner with an MSP that specializes in creating secure, remote workspaces. Together, we’ll continue creating this new normal.