Preparation is everything, but the switch to remote working happened overnight. Now is the time to ensure that any changes made are not superficial, but deeply embedded in organisations.
Many people switched to online working over the last year almost overnight. It was an enormous achievement, but now as we move to the next phase of embedding hybrid and remote working comes the real work. That means planning and ensuring that everything that needs to be in place is there. Not just access to technical support and equipment, inclusion of hybrid in all aspects of working life such as facilities to beam in people from home at any meeting, office layout, office purpose and so forth.
It also means everything from reviewing security and rethinking processes that have grown up as a result of having lots of people working in the same space, with openness to address the latter and get everyone’s input, building on increased employee engagement during the pandemic, being the most important. Now is not the time for assumptions; it is the time for conversations and for listening.
One area of concern is compliance. A recent survey of law firms by The Access Group found that 85 per cent plan to offer a mix of home and office working. However, the survey also revealed several compliance issues that it says some firms may have overlooked during the Covid-19 lockdowns.
That includes health and safety assessments for homeworking staff, for instance, carrying out home workstation risk assessments and putting procedures in place to maintain direct contact with homeworkers. It also includes cybersecurity. The survey found 43 per cent of firms had not fully updated their cybersecurity policies since moving to remote working, which, says The Access Group, means they have not properly identified the risks of personal IT equipment being used, including virus protection and appropriate system access tools.
Other issues include the need to review and update compliance with money laundering legislation in light of remote working and a lack of Data Protection Impact Assessments when moving to remote working. A DPIA is designed to help firms systematically analyse, identify and minimise the data protection risks of a project or plan, which the switch to home working would have been classed as. The Access Group says that, by not carrying out a DPIA, client data could be at high risk from cybercrime and data loss, especially if this data is being accessed and stored using an employee’s personal IT equipment that may not have appropriate security software installed and is accessible by other members of the family.
Although The Access Group says the majority have considered these issues, there are still sizable numbers who haven’t, with time and lack of knowledge being the biggest problems. Not only will they have to find that time and knowledge in order to meet compliance standards, but there are many other areas that need attention if emergency remote working is to become successful long-term hybrid working.