Law360 (March 23, 2021, 4:22 PM EDT) --
This news is hardly surprising. For years, retaliation claims have been on the rise, as more employers find themselves defending retaliation claims when they take adverse action against an employee who has violated company policy by taking company documents to notify a government agency about an allegedly unlawful practice.
Since the onset of the COVID-19 pandemic, employers have been bracing themselves for the inevitable retaliation claims that will be filed by employees who are dissatisfied with the company's COVID-19 response and who will attempt to report on the employer's perceived failure to develop and implement health and safety policies or comply with governmental health orders.
In some instances, employees filing these complaints take company documents they are not authorized to access in an effort to advance their claims.
What can employers do to protect themselves? Here are 10 practical tips.
Protecting Yourself From Document Theft
Establish a written policy about access to documents and information.
If an employer does not already have one, it should develop a written policy that expressly addresses what information an employee may access, save, download or transfer in the performance of their job duties, as well as the consequences an employee will face if they fail to abide by this policy — e.g., disciplinary action, up to and including termination.
This type of policy can help an employer stave off or successfully defend a retaliation claim should the employer take disciplinary action against an employee taking company documents to notify a government agency about an allegedly unlawful practice.
Set expectations early and consistently reinforce them.
In some instances, an employer may require an employee to execute a nondisclosure agreement when they are hired whereby the employee (1) acknowledges that the company has provided them with confidential and proprietary information, including trade secrets, and (2) promises to preserve the confidentiality of that information.
These agreements can provide a contractual basis for a lawsuit demanding the return of documents if the employee misappropriates them. Alternatively, as part of the onboarding process, an employer should provide clear directives to new hires about what information and documents they can and cannot access, save, download or transfer.
Have the new hire acknowledge in writing their understanding and agreement to abide by this policy as a term and condition of employment. Reinforce the policy by regularly training employees about their obligations under the policy, and the consequences of not following it. Document an employee's attendance at training.
The sign-off and the training records can help the employer defend itself in a retaliation action by showing the employee was disciplined (or terminated) for violating a policy they knew existed and not in retaliation for any protected activity.
In addition to educating employees about the perils of improperly taking documents, employers should provide direction to their employees about how they can raise concerns about perceived misconduct within the organization.
For example, the policy might include a directive to contact the compliance department if the employee believes something is amiss, and that employees will not suffer any negative consequences for good faith reports.
Limit access to confidential information or data.
One of the best ways to protect information is to limit who has access to it. Password-protect databases and other sources of confidential information and give access only to those who need it to perform their job duties.
Consider disabling the print functions for certain types of electronic records and/or disabling USB ports on laptops to prevent employees from downloading information and taking it with them.
Monitor your employees' electronic activities.
Employers who periodically monitor their employees' electronic activities — consistent with applicable law — will inevitably find a trail.
Telltale signs include frequent emails to personal email accounts or unknown third parties, downloading large amounts of data, deleting large amounts of data, sending data to flash drives, or printing off large amounts of data.
An employer can invest in data protection software to alert itself to these activities. The information technology department should promptly investigate any suspicious behavior.
Develop a solid exit plan.
Require a departing employee to return all electronic devices in their possession — laptops, tablets, smart phones — in their original condition to prevent them from wiping devices to hide traces of suspicious activity. Disable all email and system access — including remote access — for the departing employee immediately.
Have the departing employee's email forwarded to a supervisor who can monitor it for suspicious activity and who can ensure the continuity of business operations. Where applicable, require the departing employee's support staff to change their passwords to prevent the departing employee from using those passwords to gain system access. Change all passwords to any shared applications.
Investigating Possible Document Theft
What to do if the documents have already been taken? Once an employer learns an employee has taken documents, it should immediately undertake an internal investigation and may want to consider partnering with legal counsel to preserve confidentiality and privilege. Below are recommended steps for that investigation.
Utilize administrative leave and device lockdowns.
Assuming the employee who took the documents is still employed, the employer should consider placing the employee on paid administrative leave while it conducts the investigation to protect the integrity of that investigation.
Additionally, the employer should immediately lock down the employee's company-issued electronic devices to prevent further misappropriation of documents and to preserve electronic evidence of the misappropriation.
Determine what has been taken.
The IT department should review the employee's activities on any company-issued electronic devices to determine what information was taken, how it was taken, and what the employee did with the documents — e.g., printed them off, sent them to a competitor, or forwarded them to an attorney or regulatory agency.
If the IT department uncovers any gaps in the company's data security, now is a good time to address and resolve those gaps.
Interview the employee.
Once the employer has an understanding of what information was taken, it should confront the employee about the misappropriation. What was the employee's motivation for taking the documents?
Is there an innocent explanation? Is something else going on? Does the employee appreciate that the company's policy, or an NDA signed by the employee, prohibits the employee from misappropriating documents and that they may be disciplined, up to and including termination, for doing so?
The employer should attempt to secure the employee's voluntary cooperation in returning all copies of the documents so that it may take steps to preserve the confidential nature of any trade secret information that may have been taken.
Evaluate the employee's possible claims.
The information obtained from the employee interview will help the employer decide next steps.
For example, if the employee has taken documents as part of a plan to sue the employer for discrimination or as part of a plan to compete against the employer, and the employee is unwilling to voluntarily return the documents, the employer has a basis to aggressively pursue their return.
Courts tend to look unfavorably upon an employee who engages in subterfuge to knowingly violate an employer's policies regarding the permissible access of documents and/or who misappropriates information that contains trade secret or other confidential personnel information.
However, if the employee took the documents and provided them to a governmental agency as part of a plan to blow the whistle on what they believe are the employer's bad acts, the employer's options are more limited.
Courts will generally protect trade secret information unless it tends to prove someone in the business committed a crime. Courts also recognize the concept of "self-help" discovery for whistleblowers, but courts will only permit the whistleblower to take materials that are reasonably related to the purported claims.
If the documents the employee misappropriated go far beyond that, the employer certainly can initiate legal action to secure an injunction to recover the documents and to prevent them from being used. Alternatively, the employer might be able to pursue a breach of contract claim against an employee who has violated an NDA or common law claims for breach of loyalty or conversion. The employer may also have a remedy under the Defend Trade Secrets Act, the Computer Fraud and Abuse Act, or similar state statutes.
And, depending on what was taken, the employer may elect to involve law enforcement.
Consider a cautious disciplinary response.
It is wise to proceed with caution. If an employer wants to discipline or terminate an employee who has violated an employer policy or NDA by taking documents, then the employer's ability to point to a written policy — or an NDA — that the employee violated in taking the documents can provide a legitimate, nonretaliatory reason for the action.
That is why it is crucial to have a written policy, disseminate it to employees, and train employees about the policy.
Angelique Paul Newcomb is a shareholder and Liran Messinger is an associate at Littler Mendelson PC.
The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.
For a reprint of this article, please contact email@example.com.