The REMOTE Act would require each executive department to establish policies and collect data on teleworking employees. Specifically, it mandates recording login activity and the network traffic generated by teleworking staff, and it directs managers to periodically review this traffic. It also requires data retention for a period of three years and sets up procedures for data disposal. In addition, the bill would require “swiped” login data collection at the headquarters for employees and contract staff who regularly work there, using government-issued access cards. The act would require annual reporting of certain telework data in each department’s budget materials and would add new reporting requirements related to supervisors revoking telework privileges. Finally, it expands CHCO (Chief Human Capital Officer) reporting to include a policy on documenting revocations of telework privileges and to collect and share information about telework management and its effects, including any disciplinary actions. In plain terms, the bill creates a federally mandated system to monitor how much teleworking occurs, how often employees log in, how long they stay connected, and the data traffic generated while working remotely, plus a limited set of data for telework revocations. It also formalizes reporting on telework usage and its effects to aid management oversight.
Key Points
- 1Definitions and scope: Establishes terms such as agency office, teleworking employee, contract employee, login, network traffic, and working remotely to govern how data is collected and who is covered.
- 2Data collection and monitoring (remote work): Within 180 days, each agency must adopt policies to record login activity and network traffic for teleworking staff and require managers to periodically review this traffic.
- 3Data retention and disposal: By 1 year after enactment, agencies must begin retaining the described login and network data and create a policy to dispose of it after at least 3 years.
- 4Swiped login data at headquarters: After 180 days, agencies must use Personal Identity Verification (PIV) or Common Access Cards (CAC) for logins and collect associated data (average logins per day, average duration, and network traffic) specifically for employees regular at the agency’s headquarters; data must be retained and disposed after 3 years.
- 5Budget and public reporting: Beginning in the first fiscal year after the initial 180 days, agencies must publish collected data in budget justification materials, with privacy protections for personally identifiable information, and include comparisons of telework login rates to total telework approvals and to HQ login rates.
- 6CHCO reporting enhancements: Amends Title 5 to require (a) annual reports on telework management, including adverse effects and any rise in disciplinary actions, and (b) within 60 days of enactment, a policy requiring managers who revoke telework privileges to provide written information to the human capital office and the affected employee, detailing circumstances, telework history, reasons for revocation, and any disciplinary steps.