Having a social media policy—and training employees to follow it—are critical practices for every organization. Even if your company is not using social media, you still need a policy because your employees are using it in their private lives and they need guidelines to protect your interests and your organization’s reputation.
Before creating a social media policy, employers should decide what they want to get out of social media, advises Eric Meyer, a partner in the labor employment law group of Dilworth Paxson LLP.
He says companies’ social media policies should speak to every type of communication employees publish on the Internet—including comments on Facebook, LinkedIn, Twitter, Foursquare, blogs, wikis, online discussion boards, Google Groups, Tumblr, and video- and photo-sharing sites such as YouTube and Flickr—because "any of that could impact the company."
If your company is going to use social media, decide who will use it and for what purposes. Will it be restricted to just a few people—say, those in marketing, HR or media relations? Are you going to require supervisors or department heads to know the networks that their staff members are using?
Draw up the policy with the company’s culture and industry in mind. Some industries (finance and health, for example) have rules about social media engagement and what company or client information can or cannot be divulged. Align a policy with your company’s culture, whether it is formal or informal.
Tap different divisions—marketing, information technology, HR, media and legal—to help craft the policy. Take a look at the employee handbook, and identify existing rules that can be applied to use of social media. For example, rules in the code of conduct or those regarding disclosure of proprietary information, sexual harassment or equipment use may be applicable. Make sure the social media policy is consistent with and works in tandem with the handbook, and that it covers postings on social media platforms or technologies that already exist as well as those that have yet to be created.
Be careful not to infringe on the employee’s right to engage in what the National Labor Relations Board (NLRB) calls "concerted activities for the purpose of collective bargaining or other mutual aid or protection."
For example, "the NLRB has had a problem with companies that say you are not allowed to disclose confidential information without defining what is ‘confidential information,’ " says Michael Schmidt, an attorney with Cozen O’Connor’s labor and employment group and author of the Social Media Employment Law Blog.
"Some companies consider salary and wage information confidential, and the NLRB has said employees can talk about wages—so a company would be overreaching by prohibiting employees from discussing wage-related information," Schmidt says.
Under the National Labor Relations Act, Meyer explains, "employees have the right to engage in protected concerted activity. In a nutshell, when two or more employees discuss the terms and conditions of employment in a way that’s designed or intended to effect change ... they have the right to do that."
A policy should cover whether employers can use social media to screen candidates or employees and the inherent risks involved. The Society for Human Resource Management (SHRM) unveiled research in 2013 showing that 57 percent of companies do not have a policy relating to screening potential employees’ social networking sites. Of those that do have a policy, 21 percent prohibit the use of the sites and 21 percent allow use.
SHRM research from 2011 revealed that most HR professionals (66 percent) do not conduct online searches about candidates or employees or sift through their social media sites. Why? Because they are fearful they may discover information they are not supposed to know. In 2008, 54 percent of HR professionals surveyed by SHRM said they did not screen candidates by looking at their social networking sites because they were concerned about the legality of doing so; in 2013, that number rose to 74 percent.
Inform employees as to whether they need approval before posting information and identify whom they should get approval from.
Employers may discover information on Facebook about an individual’s protected status under federal, state or local law. This information might include the individual’s age, gender, religion, race, political affiliation, national origin, disabilities or sexual orientation. Or, employers may discover information that state laws prohibit them from knowing about employees’ activities when they are not at work. About 28 states and the District of Columbia have laws that protect applicants from employers that may discriminate against them for engaging in lawful activities such as smoking.
There is a danger, too, that information found online may be untrue—a recruiter might find a fake profile for a person, for instance. Or, employers may not be consistent when checking social media sites for all candidates. Of course, there may be exceptions—say, if a candidate’s job would involve working with social media. In those cases, a third party instead of a hiring manager could be used to scrutinize a candidate’s accounts.
A policy should define the kinds of employees or candidates who will have their social media presences checked, when they will be examined (for example, during background checks) and what information will be scrutinized. State that only publicly available information will be reviewed. Do not ask for passwords; six states have passed laws prohibiting this practice. Being consistent is essential.
More to Do
In addition, a social media policy should:
State that employees are not to divulge trade secrets or confidential or proprietary information, and provide examples of policy violations.
State that employees can be held accountable for content they post on the Internet—whether in the office, at home or on their own time—particularly if something they post or share violates other company policies.
Cover the legal consequences for employers and disciplinary ramifications for employees if rules are not met.
State that the policy is not a static document. It may have to be revised as laws and usage change, new platforms are introduced, and existing platforms expand. SHRM reports on such changes regularly.
State that the policy relates to social media use by the organization’s entire staff, not just those who use social media in official capacities.
Clearly and succinctly educate employees about social networking’s benefits as well as its pitfalls.
Set forth employee productivity expectations in conjunction with their social media habits.
Inform employees as to whether they need approval before posting certain types of information and identify whom they should get approval from.
Convey to employees that they are essentially ambassadors for the organization’s corporate brand, because what they write on social media sites may be disseminated to the world—even if they only share it with their "friends."
Encourage employees to think twice before posting comments they would not say out loud or that they would not want their chief executive officer, spouse, significant other or grandparents to see.
Finally, do not just give employees the policy and have them read it. "You have to have some form of training and education because you can’t always trust that everyone’s going to read the policy," Meyer says.
Aliah D. Wright is an online editor/manager for SHRM. This article was adapted from her book A Necessary Evil: Managing Employee Activity on Facebook, Twitter, LinkedIn … and the Hundreds of Other Social Media Sites (SHRM, 2013).