Today I got my first new Surf Control box up and running at work. During the configuration I noticed a few things about some employees I did not want to know. So likely I will make it policy that one IT person per site is designated as the surf control admin with their backup being the designated admin from another site. Those folks will be trained that only if something is requested through Human Resources can personally identifiable reports be generated and given to management. Generic usage by volume, category etc is ok. I just do not want this to turn into a witch hunt by supervisors or managers.
If it stays an issue I may mandate we redo our installations to work only in Privacy Mode. This requires two passwords be entered to expose user details. This is expected to usually be a management and labor representative.