Skip to main content
Risk Management Bulletin


By March 1, 2010No Comments

With the “Web 2.0″� world of Facebook, LinkedIn, and other networking sites expanding exponentially, your company and your employees increasingly are becoming involved in the world of social media a reality that creates both opportunities and risks for your business. A comprehensive workplace policy on social media to help you manage this exposure should include these guidelines.

  1. Be sure that this policy meshes with other company guidelines on Internet usage, privacy, nondisclosure, noncompetition, ethics, etc. For example, both your social media and Internet policies should ensure your right to monitor any messages sent or received within the company’s e-communication systems.
  2. Have employees acknowledge that they understand your policy and agree to it as a condition of employment. Remind them that you’re an at-will� employer (unless you have employment contracts or bargaining agreements that limit termination options).
  3. Tell employees that, if they publish anything about your organization, they must note that they are employed there, and that their views are entirely their own.
  4. Emphasize the risks of online publishing, including the danger of disclosing confidential information which the company hasn’t released. If they’re in doubt, they should check with their supervisor.
  5. Make sure employees know that they’re legally liable for what they publish and that if they publish words or images embarrassing or harmful to the company, they’ll face discipline.
  6. Prohibit them from disclosing anything that would allow hackers to access personal information. A name and birth date can be enough for identity thieves with Web-crawling applications to triangulate their way to sensitive personal information.
  7. Stress the need for employees to check facts before publishing or attributing information and to make sure that they don’t present their opinions as facts. Doing so can make it easier to prove malice in defamation or invasion-of-privacy cases.

For more information, feel free to contact our risk management professionals.