In the fast-paced world of IT, compliance can often feel like a complex puzzle with…
In today’s fast-paced digital era, the importance of a robust Technology Use Policy cannot be overstated. Whether you’re initiating one or already have a policy in place, regular reviews, updates, and re-issuances are essential. Policies, just like technology itself, need continuous evaluation to remain effective.
Here are some fundamental guidelines when dealing with policies:
- Regular Reviews: Conduct reviews at least quarterly to ensure relevance and efficiency.
- Involvement of Decision Makers: Key decision makers should be part of these reviews to facilitate comprehensive discussions.
- Addressing Changes: Questions for decision makers should encompass identifying changes since the last review, such as technological advancements, logistics, personnel, safety, and security measures.
- Effective Communication: Redistribute any updates or alterations in the policy directly to all relevant parties responsible for compliance.
A Technology Use Policy encompasses guidelines not just for employees but also for contractors and vendors associated with your company. Some years back, integrating “Bring Your Own Devices” (BYOD) into these policies was crucial due to security risks. Separating personal devices from company data and outlining guidelines for their usage at work was imperative.
Today, a new consideration arises – Artificial Intelligence (AI). The advent of applications like Otter.ai poses unique challenges to privacy and data security within the workplace.
Otter.ai comes as a mobile app for your phone or for MAC or PC as an extension or add-on to your computer’s browser. It’s free to use and has a paid version with additional features that range in cost from $19 to $40 dollars a month for a corporate license. Otter.ai connects to your virtual meetings i.e. Teams, Zoom, GoToMeeting, etc. and in real time, it will transcribe everything everyone says, separating each speaker and even taking screenshots. It also records the audio from the meeting. When the meeting is over, it will email you a link to where you can access the information gathered by Otter.ai.
The issues start when we talk about privacy, and the expectation of privacy.
- Otter.ai automatically attaches itself to every meeting in your calendar and will attend the meeting even if you’re not present.
- Otter.ai has been reported to send solicitation emails afterwards to those in the meeting asking if they also want Otter.ai, or it will send a survey asking how the meeting went with Otter.ai.
- Two-party consent – not every state requires everyone involved in a conversation to agree to be recorded. The states that do are California, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Pennsylvania, and Washington. Because meetings are virtual, are you sure everyone in the meeting isn’t in one of these states?
- Otter.ai, if not configured on your side, will email the transcript to everyone in the meeting and not just the owner.
- Questions have risen about where the data being stored on Otter.ai cloud is – is it located in the United States?
- Otter.ai can be blocked from the meeting, and should be, if the conversation has legal reasons or an expectation of privacy – like Executive sessions.
- Most applications like Zoom have an option to not allow Otter.ai. Check your meeting apps settings. With that said, who’s to say that an employee doesn’t start Otter.ai on their cell phone and everyone in the meeting is oblivious.
Your best recourse is to address Otter.ai in your Technology Use Policy, not specifically as an individual application but the use of AI in general, as there are many applications like Otter.ai using AI technology.
- For insights into incorporating AI usage policies: [mmmlaw.com – Effective AI Usage Policy](https://www.mmmlaw.com/news-resources/implementing-an-effective-ai-usage-policy-for-your-organization/ )
- Utilize a template for crafting a Technology Use Policy: [frsecure.com – Acceptable Use Policy Template](https://frsecure.com/acceptable-use-policy-template/ )
Remember, staying updated with evolving technology requires adapting policies accordingly. Integrating guidelines for emerging technologies like AI into your Technology Use Policy ensures a proactive and secure work environment.
Feel free to use these guidelines and resources to fortify your Technology Use Policy and adapt to the ever-changing technological landscape effectively or contact our team for support!