Social Networking Policies: Do You Have One Yet?

Don't wait for an embarrassing blunder to make you wish your company had a social networking policy.  Create one now.  In this issue of Optimal Impact, we give you a few simple guidelines that will help you create and implement the most effective policy for your organization.

A new associate in the mergers and acquisitions division of an organization decided to update his status on Facebook one day. It was innocent enough—or was it? “So happy to be done working those late nights. The deal between [Company A] and [Company B] will be done at 10 pm tomorrow.” By 10 pm the next day, the associate had been fired.  This was the illustrative story that began an intense discussion about social networking policies at a recent conference. Needless to say, it got the audience’s attention. 

As we discussed in a previous issue of Optimal Impact, the social media arena is big, and it’s only getting bigger. Organizations are using this medium to advertise themselves, their products and services, and to emphasize their brands. But how are employees using social networking? Can their use be regulated inside and outside the office? Should it be?  If the employer in the scenario we just described did not have a clearly stated policy on social networking, they may be as much to blame for the indiscretion as the employee. 

The Facts

• Most organizations were not prepared for the social networking phenomenon. According to Lance Whitney’s September 2009 CNET News article, “Employers Grappling with Social Network Use,” a survey showed that only 34 percent of organizations have a “general employee policy that addresses all online activity, including the use of social networking, both on and off the job.”  10 percent  have a policy specifically geared toward social networking, and 50 percent said they had no such policy at all.
• There is a fine line between the personal and the professional. In a 2010 article, “Social Networking Policies: The Best Practices for Companies,” published in The Metropolitan Corporate Counsel, Steve Bennett notes, “Companies cannot prevent the social networking that will often occur outside the workplace, with employees using their home computers and communications devices. Companies may, however, provide guidance regarding social networking that could be associated with the company, its employees, or its customers.”
• Social networking policies can vary greatly between organizations. At some companies, the extent of such policy is to prohibit employees from registering on social networking sites with their company email addresses.  Others entities, like the U.S. Marines, go so far as to ban personnel from using certain networking sites altogether.

If you don’t have one yet, it’s time to start thinking about creating a policy for your own organization.  Don’t worry—it’s probably easier than you think.

First Steps
Navigating these for-the-most-part unchartered waters requires courage—and a plan. Here are some of the items you should consider before drafting a policy:

• Define Areas of Vulnerability.  Identify the items that worry you. What could potentially leave your organization vulnerable to a lawsuit? How could perceptions about your employees influence the bottom line? Are you worried about overexposure? Intellectual property? Confidentiality issues? Once you identify the main areas of concern, you are better able to draft a policy that meets your organization’s needs and adequately mitigates risk.
• Refer to Existing Policies.  Don’t recreate the wheel. Strategies for dealing with social networking are no different from long-standing policies on what information can be shared through any public forum. If you already have a policy that addresses information exchange and sharing, just update the language to include social networking communications.
• Choose Your Words Carefully.  How you word your policy matters. Policy components should be presented as guidelines. Think “should” and “should not” vs. “can” and “cannot.” In addition, be sure your policy includes a separation between work and personal activities.

Creating Your Social Networking Policy
There are certain core components that your organization’s social networking policy should contain. These are the top recommendations we found based on social networking policy articles published in IT Business Edge and on HRmorning.com.

1. Define your organization’s philosophy on social media. Are you relaxed? Strict? And what does that mean for your employees?
2. Emphasize honesty. The best policies stress transparency in communications.
3. Reinforce confidentiality policies. Ensure that all social networking posts abide by the company’s policies on confidentiality and disclosure of proprietary data. 
4. Differentiate between an employee’s personal and professional online identities. Consider including in your policy a clause that requires your employees to post a disclaimer on their personal online accounts that states that the views expressed on the site are theirs alone, and are not representative of their employer or affiliates.
5. Avoid conflicts of interest. Give examples of what kind of conflicts may come about and how they should be addressed.
6. Discuss policy-monitoring practices. Make employees aware of how the company will monitor social media usage and the potential consequences for violations of the policy.
7. Apply policy uniformly across all departments and all staffing levels.
8. Integrate policy with other corporate policies. Ensure that your other corporate policies (discrimination, ethics, confidentiality, code of conduct, etc.) work to support—and do not contradict— your social networking policy.

Implementation
After diligently following our guidance above, your policy is written. Now, how do you effectively put it into practice?  There are two basic components to any policy implementation:

1. Educate and train your employees. Make everyone aware of the policy’s existence, its contents, and the ways in which the policy could impact them. Be sure employees are clear on how to adhere to the policy, and clarify consequences for policy violations.
2. Monitor and enforce the policy.  The simplest way to do this is to set up a Google alert to email a designated staff member whenever there is a new mention of your organization on the internet. These instances can then be investigated to see if they are employee-generated and/or in violation of your social networking policy.

Last Word
The social media landscape provides unique challenges to organizations these days. Social networking policies should be put into place with the understanding that they will change as social media continues to evolve. Creating a policy for your organization now can help you mitigate risk and increase preparedness for today’s (and tomorrow’s) social-media-saturated generation of workers.

Have questions about the information contained in this article? Is there a new technology topic you would like to learn more about? We want to hear from you! Email us at This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

If you want to receive an email every time there is a new Optimal Impact, click here.