How To Guarantee Your Social Media Policy Is Compliant.
Posted by opihrnews
Most companies have accepted the fact that by now they ought to be engaging in social media activities in one form or another. Those who are late to the party, however, are often from highly-regulated industries such as financial services or pharmaceuticals. Despite the promise of genuine, real-time communications with customers that could greatly benefit marketing and public relations efforts, social media can present quite the challenge with regard to regulatory compliance. Organizations need to engage in social media in an intelligent way that complies with relevant industry regulations — without completely stifling the creative, genuine nature of the medium. This can be a difficult balance to strike, but it can definitely be achieved.
Social media compliance challenges
For years, instead of leveraging social media, companies in heavily-regulated industries have either avoided it altogether or have been extremely conservative with their use of it. Instead of having a sound plan, far too many organizations are simply winging it and handling issues on a case-by-case basis. This doesn’t work for even the smallest of businesses, and is therefore especially risky for those trying to maintain organizational compliance.
Why can social media be such a headache when it comes to regulatory compliance? First of all, the very nature of social media is real-time, unfiltered conversations — an online stream of consciousness. Whether it’s your employees or your customers, the idea of real-time can be terrifying for anyone concerned with adhering to internal or industry policies. For example, brokerage firms dealing with FINRA regulations need to be concerned about whether any responses their employees provide to customers in social media communities are adhering to rules about suitability and investment product recommendations. Likewise, pharmaceutical companies engaging in social media must ensure that any conversations about a product, whether they are on Facebook or Twitter, feature the FDA required safety information. And, any public company needs to be on top of every tweet to monitor whether it complies with the SEC’s public disclosure requirements. With all of this to consider, how can a company enter this world safely? Two words: policy and education.
Social media policy and training
Every company, even those without regulations to contend with, must have a well thought-out social media policy in place that deals with both employee and customer use. What should this policy include?
Your internal social media policy should make it clear to your employees what they can and cannot do or say, and how anything they disclose in a social media community has an impact on the company. Be clear and concise to avoid overwhelming them with complex details that could be misconstrued. Your policy — which should be documented — should clarify who has the authority to speak on the company’s behalf on social networks and the consequences that exist if any of these rules are broken.
Beyond the written component for employees, your policy needs to include embedded processes and workflows that ensure compliant social media communications. One necessary process is content moderation. For example, put controls in place that automatically review any outbound content for policy violations. Having a process like this ensures that communication can still be published in a timely manner without exposing the company to unnecessary risk.
Speaking of risk, it is also prudent to make sure your policy leverages a method to limit the number of employees who are granted admin rights to social media accounts. While you want to grant employees access to your communities, you also want a simple way to take this access away if they leave the company. Ensuring that only a select few have admin rights makes this possible. Imagine the potential for regulatory violation (and impact on your company’s reputation) if a disgruntled employee accesses your corporate Twitter account.
Any company facing regulatory controls could also face an audit at any moment. Your social media policy should account for this reality by implementing technology that archives all content in a way that could quickly and adequately prepare you for an audit.
Another critical component of your policy is how it deals with participation from external stakeholders, such as vendors or customers. You need to let your communities know your company’s social media policy and how you will handle responses. You must make them aware of what will and won’t be tolerated on your social media pages, especially since you have regulatory requirements to consider with every comment and response. It might, therefore, take more time for your team to respond to inquiries depending on the review process and you should set expectations accordingly.
One of the best social media moves is to be transparent. This will help to build trust within your communities and comply with regulations. If a customer blogs on your behalf, you must disclose if they are being paid, getting free products, or being given special treatment of any kind. For companies dealing with multiple regulations, posting disclaimers for all social media activity is a sound practice. This protects your company and minimizes potential confusion on what is a personal statement versus corporate.
Now that you have created a fool-proof policy, how do you make sure your employees adhere to it without having to threaten them on a regular basis? Employee education and training is the best way to uphold policies, meet regulatory requirements, and mitigate risk. Make it part of your process to regularly educate employees about current social media policies, new programs or networks, and best practices. You can also hold regular “lunch and learn” events and launch a social media certification program that grants graduates new levels of privileges in your social communities.
Despite the fact that regulatory compliance is a constant consideration for your business, social media does not have to be the enemy or hinder your compliance efforts. With a strong understanding of the risks involved, a well thought-out social media policy and effective employee training program, you too can harness the power of social media and improve your business through the building of communities.