Tech Republic recently posted on 10 things you should cover in your social networking policy. There has been a lot of discussion on this topic, including my prior post, Social Media Policy Outside and Inside the Enterprise. Like most policy discussions I have seen, this one focuses on social software use on the Web. However, it remains no less importance to have guidelines that also cover usage inside the enterprise. I think the ten points are very useful and eight apply to internal use, some more than others.
I am listing the points but reflecting on internal issues, rather than the external issues that Tech Republic focused on. I think that 8 of the 10 points are still relevant.
1: A clear company philosophy - This is one of the most relevant so I am quoting part of the Tech Republic post. “Before you can develop a policy, you need to define the company’s overall attitude toward social networking. Is it something that you consider to be a strictly personal activity, which should be generally restricted — like personal phone calls and visits from family members — to the employee’s break and lunch times? Or is the company interested in encouraging employees to use social networking for business purposes and incorporate it into their working time?” The company should encourage the use of social media for business within the enterprise but it needs to convey that in the policy. It still needs to define how it is best used and why it should be used, as well as the benefits.
2: The definition of “social networking” - I would make this one number one and the current top one number two. Tech Republic writes, “It may seem obvious, but it is important that your policy define what is meant by “social networking” or “social media,” since the term means different things to different people.” You may want to name specific sites and technologies, but because new sites are always popping up, you should make it clear that the policies are not limited to the named sites.” The same applies to tools and you need to go beyond just social networking. Who knew about micro-messaging a few years ago when blogs and wikis were dominate.
3: Identifying oneself as an employee of the company This one should not be an issue but people should be identified through the company’s Active Directory or other similar means. This automated identification is one of the benefits of moving inside the enterprise.
4: Recommending others - Employees should use common sense here but it does not have to be an explicit part of the internal policies.
5: Referring to clients, customers, or partners - While this is very important on the Web because of client confidentiality issues, it remains an issue inside as many contractual arrangements call for only discussing the client and it’s issues on a “need to know” basis. I remember that some clients of my former employer required all presentations and discussions to use a pseudonym for the client, even when the project team was the only audience for them.
6: Proprietary or confidential information - Like item five above this remains an issue inside the organization. The power of social media can take information way beyond those who need to know it.
7: Terms of Service - While those who purchase and bring software inside the enterprise should be responsible for this, employees should be aware of it. Even inside the organization, your policy should hold employees responsible for reading, knowing, and complying with the ToS of the tools they use.
8: Copyright and other legal issues - Again, this applies to internal use for several reasons. Social media activities can be discoverable if the company is being contested for violation of legal issues. So I am quoting Tech Republic here. “Be aware of the laws. Policies should require that employees at all times comply with the law in regard to copyright/plagiarism…Other relevant laws include those related to libel and defamation of character. A good rule of thumb is the one our mothers taught us long ago: “If you don’t have something good to say, don’t say anything at all.” Defamatory statements can lead to lawsuits against the author of the statement — and if that is one of your employees, at the very least it can bring bad publicity for the company.”
9: Productivity impact - This remains an issue inside the enterprise. These policies should not be oppressive and should not discourage use. They should assume that social media is a positive business activity, not a waste of time. However, like anything there can be too much of a good thing. Addressing this issue can reduce the fears of those who are concerned about social media use, as well as provide some clear guidelines for users.
10: Disciplinary action - Tech Republic writes that the policy should spell out that violation of the policy can result in disciplinary action, up to and including termination, and reference other company policies that lay out the appeals process and other relevant information. I think this applies to any policy guidelines.
I think there are other issues beyond these but this is a start. Do you have other suggestions for guidelines inside the enterprise?