A good social media policy should be clear and consistent, and give examples of acceptable and unacceptable conduct.
The main aim of the policy is to help employees understand where the line is - and how to stay on the right side of it - and for managers to be able to identify and act appropriately in instances where the line has been crossed.
Make sure that it ties in with other policies that you already have, such as anti-bullying and harassment. Think carefully about the purpose of the policy and what you want it to achieve. This will ensure that your ‘message’ is clear. It needs to fit with your company’s ethos and culture, too.
There’s no point in having a policy that no one ever reads (or even if they do read it, they fail to fully understand it), so make sure that it’s visible and that staff and managers are trained in relation to its content and on its implementation. You will need to be consistent in how it is applied, so think carefully about what sanctions are appropriate, and look at how different situations have been handled in the past, before you introduce it.
In terms of content, what is required will depend on the nature of your business and what policies you already have. By way of a guideline only, some of the following areas might be relevant:
- Network security: you can include rules about the use of anti-virus protection, firewalls, downloading etc. in this policy. Alternatively, you might already have an IT policy that covers this.
- Acceptable behaviour and use of email (if you don’t have another policy dealing with this).
- Acceptable behaviour and use of internet: are employees allowed any personal use? If ‘some’ or ‘limited’ personal use is allowed, what does that mean? Are some websites prohibited entirely? Think about the obvious culprits like Facebook, but also other websites like Amazon or even supermarket websites, for online shopping.
- Smart phones: are employees allowed to use their own phones? If the employer provides the phone, what personal use are they allowed to make of it? Not just phone calls, but data and internet use - browsing websites, watching videos, downloading apps. Can they keep personal music collections and photos on the phone? Think about how you can monitor and enforce this.
- Social networks, including blogging and Tweeting: can your employees mention their jobs on their social networks? Can they use social networks and make posts during the working day? It’s a good idea to be very clear about what is and isn’t acceptable to post about, and draw attention to relevant confidentiality provisions contained in your employment contracts. If you have staff who are employed to run or monitor your company’s own social media profile then you will need to be very clear about the standards you expect of them.
- Data protection and monitoring: what monitoring will you be carrying out? Employees need to be made aware of monitoring and guidance from the ICO sets out that you should not go beyond what is reasonably necessary to achieve your aims. Logging everything and reading personal emails indiscriminately is unlikely to be acceptable.
- Disciplinary consequences of a breach of the policy: clearly it will depend on the facts of the situation, and you don’t want to be too prescriptive here in setting out what the likely sanctions would be. However, it’s important to flag to employees that breaches of this policy may attract disciplinary sanctions if appropriate.
Employers should make clear that harassment and bullying of other employees via social media will be treated in the same way as harassment or bullying in any other context. This can be included in an anti-bullying and harassment policy instead.
Likewise, it’s prudent to remind employees that discrimination is strictly prohibited. You may already have an equal opportunities policy which makes this clear, but bear in mind that it is frequently in the context of social media that so-called ‘banter’ escalates into inappropriate comments.
It’s a good idea to be very clear about what is and isn’t acceptable to post about
Paramount for many employers is addressing the potential for reputational damage arising from inappropriate use of social media platforms by staff. An employer’s particular requirements, e.g. a total prohibition on negative comments about the company or its customers or products, a ban on declaring any form of association with the company at all, or a similarly restrictive provision, must be spelt out clearly in the policy and drawn to employees’ attention, if you wish to be able to rely on it going forwards.
When drafting your policy, remember that the goal is to help employees to be aware of the risks attached to using social media, and to be clear about what the rules are and where the line between acceptable and unacceptable conduct will be drawn. Deployed in the right way, social media use (both by the Company and by its employees) can be an incredibly valuable and useful tool.