Use Case: Client-Site Deployments
Monitoring Employees at Client Sites: Visibility Without Violating Third-Party Location Constraints
Monitoring employees at client sites presents a set of legal, contractual, and technical challenges that standard monitoring deployments never encounter. eMonitor's device-centric architecture provides employer visibility regardless of whose network employees are on — with the offline capabilities and contractual guidance your MSAs require.
7-day free trial. No credit card required. Trusted by 1,000+ companies.
Why Is Monitoring Employees at Client Sites Fundamentally Different?
Monitoring employees at client sites is a distinct challenge that consulting firms, IT services companies, staffing agencies, and managed services providers face when their workforce operates under a client's roof, on a client's network, or subject to a client's security policies. The employer retains all employment obligations — but the operating environment is controlled by a third party.
This creates a set of questions that a standard monitoring deployment never needs to answer: Whose network policies govern? Can the employer's monitoring software run on the client's infrastructure? What happens if the client prohibits outbound data transmission from their environment? And when an employee's screen captures client data, where does that data end up, and who owns it?
According to Staffing Industry Analysts, over 3.5 million workers in the United States are placed at client sites as contractors or temporary staff at any given time. Add to that the management consulting, IT services, and systems integration workforces, and the total approaches 7-8 million workers operating daily at locations controlled by entities other than their employers. For all of them, the monitoring challenge is the same.
Three Scenarios: Which Applies to Your Deployment?
Not all client-site deployments are equivalent. The appropriate monitoring approach depends on which combination of device and network ownership is in play. Before deploying eMonitor for a client-site workforce, identify which scenario describes your situation.
Scenario 1: Company Device, Client Network — The Standard Case
The most common client-site scenario: your employee uses a company-owned laptop connected to the client's network. eMonitor is already installed on the device and operates normally. The client's network is simply the Internet connection the device uses to sync data back to your monitoring dashboard. If the client's firewall restricts outbound connections to eMonitor's endpoints, the system automatically switches to offline mode — capturing all activity locally and syncing when connectivity is available via VPN or upon return to your premises.
Monitoring scope: Full eMonitor capability applies. Screen monitoring, application tracking, time tracking, and GPS location are all available. The client's network restrictions do not affect what the employer can see on the company device.
Scenario 2: Client Device, Client Network — Do Not Monitor
When employees work on client-owned devices, the employer has no right to install or operate monitoring software without explicit contractual authorization — and even with authorization, the practical and legal complexity makes this inadvisable in most cases. Clients retain administrative control of their own devices and may have monitoring software of their own that would create conflicts or data intermingling. In this scenario, time tracking should revert to timesheet-based methods, with GPS verification via the employee's mobile device confirming site attendance.
Monitoring scope: Time tracking and GPS attendance confirmation via mobile. No device-level monitoring. Require written client authorization before any device-level monitoring of client-owned equipment.
Scenario 3: Company Device, Restricted Client Network — Offline Mode
Some clients — particularly in financial services, defense contracting, and healthcare — prohibit any outbound data transmission from their network that has not been explicitly approved. In this environment, eMonitor captures all activity data locally on the company device, encrypted, and holds it until the employee connects to an authorized sync point. This might be a daily VPN connection from outside the client facility, or a batch sync upon return to the employer's office.
Monitoring scope: Full activity capture, delayed sync. GPS tracking continues via cellular if available. All data is encrypted at rest on the device during the offline period. This approach satisfies both the employer's monitoring requirements and the client's network security policies.
Legal Framework: Whose Consent Matters When Your Employee Is at a Client Site?
The legal analysis for client-site monitoring centers on three questions: who owns the device, what consent has been given by the employee, and what do the contracts between employer and client say about monitoring.
Device Ownership Is the Threshold Question
Under U.S. law (Electronic Communications Privacy Act) and equivalent frameworks in the UK and EU, an employer's right to monitor electronic communications and computer activity on company-owned equipment is well-established when employees have been informed of and consented to the monitoring policy. The employee's physical location — including a client's premises — does not affect this right. The employer monitors the device, not the location.
This is fundamentally different from network-based monitoring, where the network owner (the client) would need to authorize any monitoring activity. eMonitor's device-centric architecture avoids this complication entirely: the monitoring software on the company laptop is authorized by the employer-employee relationship, not by the client-employer relationship.
What MSAs Should Say About Monitoring
Master service agreements between employers and their clients rarely address monitoring explicitly — which creates risk for both parties. A well-drafted MSA clause should address: (1) the employer's right to monitor activity on company-owned devices at the client site; (2) the employer's obligation to inform employees of monitoring before deployment; (3) who owns monitoring data that inadvertently captures client confidential information on screen; and (4) whether the client has any right to request or access monitoring data about the employer's workers.
This last point is particularly important in staffing and consulting contexts where a client may argue that monitoring data about work performed on their premises constitutes a business record they are entitled to. A well-drafted MSA resolves this in the employer's favor before the question arises. See monitoring contractors vs. employees for the broader contractual framework.
Industries With Specific Prohibitions
Certain client environments impose restrictions on monitoring that employers must respect contractually and legally:
- Government SCIF environments: Sensitive Compartmented Information Facilities prohibit virtually all electronic devices and software. No monitoring — revert to manual attestation.
- Healthcare facilities with ePHI access: If an employee's screen regularly displays Protected Health Information, screenshot monitoring raises HIPAA Business Associate Agreement implications. Configure screenshot blur for sensitive data environments or exclude screenshot monitoring for these deployments.
- Defense contractors with ITAR-controlled environments: International Traffic in Arms Regulations may restrict what data can be transmitted outside a secure facility. Offline mode with carefully controlled sync procedures is required.
- Financial services client environments: Clients in regulated financial services may have contractual confidentiality requirements that affect whether monitoring data containing their information can be stored on external employer systems. Review data processing terms carefully.
For compliance resources on monitoring in regulated industries, see eMonitor's compliance center.
GPS Verification and Billing Accuracy for Client-Site Workers
Two of the most practical benefits of monitoring for client-site deployments are GPS site verification and billable hours accuracy. Both address real financial risks that employers face when workers operate without direct management oversight.
Confirming Site Attendance Without On-Site Managers
Consulting and staffing firms routinely have employees at client sites with no employer manager physically present. The client is the day-to-day supervisor, but billing and HR responsibility remains with the employer. Without GPS verification, the employer has no way to confirm that workers are actually at the designated client site during billed hours — except to trust the client's report and the employee's timesheet.
eMonitor's GPS tracking logs device location at clock-in, throughout the day, and at clock-out. Geofencing configured around each client site generates alerts if employees clock in from outside the designated area. This is not about distrust — it is about maintaining the accuracy of billing records that the employer uses to invoice the client and that the client relies on to verify value received.
Billable Hours Verification for Time-and-Materials Engagements
For time-and-materials billing, the employer invoices the client for actual hours worked. The accuracy of those hours determines both the employer's revenue and the client's willingness to pay the invoice without dispute. Manual timesheet processes at client sites introduce the same inaccuracies they introduce everywhere else — but with the additional complication that the client is the one reviewing the numbers.
eMonitor's automated time tracking captures exact start and end times, active work periods, and idle time. This data, combined with project tagging, produces a billing-grade time record that can be shared with clients as supporting documentation for invoices. Billing disputes drop significantly when clients can see a timestamped activity record rather than a rounded timesheet.
Travel Time Between Client Locations
For workers who serve multiple client sites in a single day — common in IT support, managed services, and field consulting — GPS tracking provides a complete record of travel time between locations. This data supports billing for travel time where contracts allow it, and provides route verification for expense report accuracy. The GPS record also establishes a clear demarcation between billable on-site time and non-billable travel time when contracts specify different rates for each.
Data Residency and Screen Content: Handling Client Information That Appears in Monitoring Data
When employees work with client systems and data, their screens inevitably display client-confidential information. When monitoring software captures screenshots, it captures whatever is on screen — including that client data. This creates a data residency question that MSAs and data processing agreements need to address explicitly.
Screenshot Blur for Sensitive Client Environments
eMonitor's screenshot blur feature can be configured to obscure specific application windows or screen areas. For client-site deployments where employees regularly work in client applications displaying sensitive data, configuring blur for those applications provides a practical solution: the employer retains activity metadata (which applications were used, for how long) without capturing the content of client-sensitive screens. This satisfies most clients' data protection concerns while preserving the employer's productivity and attendance visibility.
Data Processing Agreements and Client-Sensitive Information
Under GDPR and equivalent frameworks, if monitoring data contains personal data about client employees (names visible on screen, client contact details, etc.), the employer may be acting as a data processor for the client's personal data. This triggers data processing agreement requirements under GDPR Article 28. Review your data processing arrangements with legal counsel for deployments in EU client environments.
Role-Based Access Controls for Monitoring Data
eMonitor's role-based access controls ensure that monitoring data — including any screenshots containing client information — is accessible only to authorized employer personnel. This limits the exposure of client data to the minimum required for legitimate monitoring purposes. Audit logs track every access to monitoring data, providing a defensible chain of custody if a client questions how their information was handled.
For broader data protection and compliance considerations, see insider threat detection and data protection and data loss prevention monitoring.
Implementing Client-Site Monitoring: A Pre-Deployment Checklist
Before deploying eMonitor for employees who will be working at client premises, work through this checklist to ensure your monitoring program is legally sound, contractually protected, and technically configured for the client's environment.
- Confirm device ownership for all deployed workers. Only monitor company-owned devices. Document device asset assignments before deployment.
- Update employee monitoring policy to specifically address client-site scenarios, including what is monitored, what data is collected, and any client-specific limitations on monitoring scope.
- Obtain employee acknowledgment of the updated monitoring policy before the first client-site deployment. Retain acknowledgment records.
- Review and update MSAs with each client to address employer monitoring rights on company devices at client premises, data ownership, and client access to monitoring records.
- Assess the client network environment. Determine whether outbound data transmission to monitoring endpoints is permitted, and configure offline mode if necessary.
- Configure screenshot blur for any applications that display client-confidential or sensitive personal data regularly accessed by client-site employees.
- Configure GPS geofencing for each client site with appropriate perimeter definitions for the physical location.
- Review industry-specific prohibitions (SCIF, HIPAA environments, ITAR facilities) and document monitoring scope exceptions for each.
- Establish a data access protocol defining who in the employer's organization may access monitoring data from client-site deployments, and under what circumstances.
Frequently Asked Questions: Monitoring Employees at Client Sites
Can you legally monitor employees working at a client's premises?
Yes, when monitoring is conducted on company-owned devices using employer-deployed software, and employees have been informed of monitoring via an acceptable use policy. The client's physical location does not change the employer's right to monitor activity on company equipment. Employers should not monitor client-owned devices or capture data belonging to the client's systems without explicit contractual authorization.
What happens when a client's firewall blocks eMonitor's data sync?
eMonitor operates in offline mode when network connectivity to the monitoring backend is unavailable. All activity data is stored locally and encrypted on the device, then automatically synchronized when the device reconnects to an authorized network — either via VPN or upon return to the employer's premises. No activity data is lost due to client network restrictions. The offline mode is transparent to the employee and requires no manual intervention.
Should master service agreements address employer monitoring rights?
Yes. Well-drafted MSAs should confirm the employer's right to monitor activity on company-owned devices at the client site, clarify that monitoring data remains the property of the employer, and specify whether the client has any right to access monitoring data. This clause prevents disputes about whether monitoring at the client's location requires client consent and protects the employer's monitoring program from contractual challenge.
What if a client prohibits software installation on their network?
eMonitor is installed on the employer's device, not the client's network. It does not require network-level installation or administrative access to the client's infrastructure. If the client restricts outbound data transmission, eMonitor's offline mode captures all activity locally and syncs when connectivity is restored. The client's network restrictions do not affect eMonitor's activity capture capability on company devices.
How do you verify employees are at the correct client site during scheduled hours?
eMonitor's GPS tracking confirms device location at clock-in and throughout the day. Geofencing configured around each client site generates alerts if an employee clocks in from outside the designated area. GPS arrival and departure timestamps are logged, providing an auditable record of site attendance useful for billing verification and client SLA compliance documentation.
What are the data residency considerations when employees access client data on screen?
When eMonitor captures screenshots and the screen displays client data, the screenshot becomes monitoring data containing client information. MSAs should address this — either by excluding screenshot monitoring for on-site employees, configuring screenshot blur for client data environments, or obtaining contractual permission to retain such data. Under GDPR, client personal data visible on screen may trigger data processing agreement requirements under Article 28.
Can eMonitor be used when employees work in a client's SCIF?
SCIF environments prohibit most electronic devices and software due to classified information security requirements. In these environments, eMonitor should not be used, and time tracking should revert to manual attestation methods approved by the facility security officer. SCIF-specific timekeeping requirements must be discussed with the client and your cleared facilities officer before any deployment is considered.
How does billing verification work for employees at client sites?
eMonitor captures exact clock-in and clock-out timestamps, active work time, idle time, and application activity. For time-and-materials billing, this data provides a precise record of billable hours that can be shared with the client as supporting documentation. Discrepancies between self-reported hours and eMonitor data typically reveal 10-20% billing leakage in manual timesheet environments, with commensurate revenue recovery upon switching to automated capture.
What industries most commonly place employees at client sites?
IT services and systems integration firms, management consulting companies, staffing agencies, engineering services firms, outsourced accounting teams, and healthcare IT implementation contractors most commonly place employees at client sites for extended engagements. Each industry has slightly different monitoring considerations depending on the nature of work and the client's regulatory environment, particularly healthcare (HIPAA), defense (ITAR/SCIF), and financial services.
How should monitoring policies be communicated to employees deployed to client sites?
Employees should receive and acknowledge a written monitoring policy before deployment that specifically addresses client-site scenarios: what is monitored, what data is collected, how it is used, and any client-specific modifications to standard monitoring practices. The policy should be reviewed during pre-deployment briefings and updated when clients impose new restrictions that affect monitoring scope. Written acknowledgment records should be retained for the duration of the deployment.
Related Use Cases and Resources
Remote Team Monitoring
Best practices for monitoring distributed teams working from home or remote locations.
Read more →GPS Tracking
Verify employee presence at client sites with GPS geofencing and location logging.
See GPS tracking →Automated Time Tracking
Capture billable hours accurately for client invoicing, even in offline environments.
See time tracking →Also see: Monitoring Contractors vs. Employees · Compliance Resources · Data Loss Prevention · App & Website Tracking