IT Managers need to be aware of legal issues that can affect them. A few of those issues are summarized here.
Software vendors, and software organizations, such as the business software alliance (BSA) or the Canadian alliance against software theft (CAAST), take the matter of unlicensed software seriously. If an organization is using more copies of software than they are licensed to use, and these authorities find out through inquiries or performing an audit, the organization could suffer embarrassment and significant financial expense.
Software tools are available to track software use as compared to actual licensing. In addition to ensuring one has enough licenses, one may discover they are over licensed, thus having the added benefit of perhaps saving money.
In an ASP or outsourcing situation, it is crucial for things such as service levels, confidentiality, privacy and security to be properly documented. If not, the organization can find itself without the level of performance it requires. It could also be found in breach of laws or agreements with others regarding privacy and confidentiality.
If software maintenance agreements are not properly negotiated up front, ongoing maintenance fees can get costly and impact future IT budgets. For example, annual maintenance fees are often expressed as a percentage of the then current list price for the software. That can lead to situations where a few years later more is being paid for annual maintenance than was paid for the license in the first place.
Use of Contractors
To the extent that contractors perform work for the IT department, it may be unclear who owns the material being created. If it is not clearly documented at the outset, this uncertainty can have serious ramifications for things such as the financing or sale of the business, especially if the company is in the business of creating software. This applies to any person and any entity that creates any kind of material (known as “creative works” under copyright law) that is not strictly speaking an employee of the organization. Trying to document this after the fact is at best difficult. Problems include actually finding the individual or entity, convincing them after the fact that it is yours, and getting them to sign something without demanding some sort of compensation.
Use of IT Assets by Employees
If an organization does not have technology use policies saying what employees can and cannot do with company systems and company provided technology, and how the company can monitor such use, the organization faces potential difficulties in disciplining employees who use the systems for excessive personal use, and potential lawsuits for such things as unlawful dismissal. This includes everything from PC’s to Internet access, PDA’s, phones, copiers, etc. Having a policy also sets expectations up front, which should lead to fewer problems
Check back tomorrow for the second part of this list.