10 Tips for Creating a Social Media Policy for Your Business : Social Media Examiner

social media how toPolicy. It can be a dirty word, especially in social media communities.

Why? Poorly written social media policies restrict, deter and deaden social media engagement–the exact opposite of what businesses want.

However, great social media policies support, protect and empower high-quality engagement. It is about empowerment and trust.

As Beth Kanter writes, “Trust is cheaper than control.”

This article will explain how social media policies differ from other policies and give you 10 tips to help create an effective social media policy.

Why Social Media Policies?

Social media policies are different. In most policies and procedures, we document what staff should do in certain situations: “If this happens, do that.” For social media, there is no way to know exactly what situations may arise – or in many cases – how staff should best handle them. Each social media network and each relationship is unique and the social media environment changes daily.

The risks are uncertain. The courts are in the process of interpreting laws in regards to social media. Until that interpretation process is mature – and this will take yearsorganizations operate without definitive guidance. Issues that may arise include: employee and/or client confidentiality, labor relations issues, brand jacking, miscommunication, spamming, etc.

Given an uncertain environment and unclear risks, how do we move forward?

There are hundreds of sample social media policies on the Internet. If you are looking for a starting point, you will surely find ideas here and here.

However, in order to create policies that work – really work – we must first lay the groundwork.

Here are 10 strategies you can implement today.

#1: Gather Your Team

A social media policy cannot be written by one person alone. It must be unique to your organization and ideally should include input from many different people with a variety of skill sets.

A team approach ensures that key areas of risk are managed properly and that any future challenges that may arise are handled appropriately.

Besides the staff directly involved in social media, potential team members might include: CEO, HR director, IT director, marketing/development director, program/department director, a social media–savvy lawyer and at least one digital native.

Don’t worry, not every member of this team needs to be aware of the intimate details of your social media activities. Think of it this way: if a crisis should occur, what information does your team need to have (about the social media and legal landscapes as well as your organization and values) in order to respond appropriately on social media?

strong team

Who needs to be on your social media team? Image source: iStockPhoto.

#2: Focus on Creating Culture

Social media is organic. It changes every day. Bureaucratic policies aren’t likely to be successful. Instead, we want a culture of innovation, idea-sharing, problem-solving and creativity. There is a direct link between internal organizational culture and policies. In fact, the policies we write shape our culture.

As you write your policies, include processes that reinforce a culture of evaluation and learning. Here are some questions to consider:

  • Who is on your social media team?
  • How often do they meet?
  • How are problems/challenges handled and by whom?
  • How do you document group learning?
  • How will we evaluate our successes and learn from our failures?

In your policies, you can acknowledge the social media cultural values of transparency, consistency, connection, creativity and promptness. With these values in mind, build processes that emphasize training, support and evaluation.

If the concept of social media culture is new to you, check out the 26 Promising Social Media Stats for Small Businesses. It offers a great overview of the social media landscape and why it affects businesses.

#3: Consider Legal Ramifications, Including the National Labor Relations Review Board (NLRB)

Many of the court cases coming out about social media are labor relations issues. The National Labor Relations Act (NLRA) was enacted primarily to protect employees’ rights to organize.

Traditionally, employee organizing took place in person or over the phone. With the advent of social media, it also takes place online. It doesn’t matter if employees are unionized or not; they have the right to discuss conditions of employment with fellow employees.

This means that even a casual conversation on Facebook about working conditions may be protected under the NLRA. Each situation is different, but the bottom line is this: be very careful about telling employees what they can and cannot do on their own personal social media sites. This language can quickly backfire.

In August 2011, the NLRB issued a memo regarding 14 of these cases. This memo provided explanations of the cases as well as the reasoning behind the decisions made. I highly recommend that employers read this memo and share it with everyone on the social media team.


Memo dated 8/18/11 from the National Labor Relations Review Board.

#4: Separate Overall Policies from Site-Specific Guidelines

The social media landscape changes every day. If your policies are narrowly focused on a specific social media site, they will be out of date pretty quickly. In general, the policy should focus on the big picture: who does what (roles and responsibilities), a general overview of how they can/can’t do it (legal compliance and branding, for example) and why we do it at all (purpose and values).

Separate written guidelines can be created to record the nitty-gritty specifics of a certain social media site. These guidelines help tremendously in the case of staff turnover. The process of drafting guidelines also helps staff to better understand and explain what they are doing and how.

#5: Don’t Reinvent the Wheel

It’s likely that you already have many internal policies in place that apply to social media activities. This includes policies about privacy, photo consents, Internet usage, cell phone usage and many others.

You can reference these policies in your social media policies, taking special note of any differences in application that may be necessary with social media.

For example, your cell phone usage policy may not currently discuss the use of photos from cell phone cameras. Thanks to geotagging, photos taken by cell phones almost universally contain digital coding which betrays your exact location on the date and time of the photo. If you upload a photo taken by a cell phone camera to your social media sites, you might be giving away more information than necessary.

A social media policy might take this into consideration by requiring staff to use software to strip the photos of geotagging information before the photos may be posted.


Many of your existing policies are applicable to social media. Image source: iStockPhoto.

#6: Include External Regulations

Most legal regulations (including HIPAA, FERPA, fair employment, etc.) are in effect online as well as offline. Use the social media policies to remind employees that these regulations must be adhered to. Where possible, give explicit examples of what types of behavior are not acceptable.

P.S.: This is a good time to think through your corporate compliance training. Social media is affecting just about every aspect of our lives and businesses. If your training on privacy, confidentiality, branding, etc., don’t currently discuss social media, it’s time to include it.

#7: Create Two Policies

It is considered a best practice to have two social media policies: one for employees using social media for their job and one for employees using social media in their personal lives.

The first policy, focusing on job-related activities, should cover everything we’ve been discussing here: defining your team, articulating roles and responsibilities, branding guidelines, and becoming clear about what internal and external policies must be complied with.

The second policy, focusing on employees using social media in their personal lives, should give employees information about what they can and cannot say about your company on their personal site.

Some organizations – including military organizations and health care – will want to be very specific about what employees are not allowed to share online.

For example, trade secrets, client information and even employee whereabouts might be kept strictly confidential. Other organizations will want to encourage employees to act as brand ambassadors. Some even go so far as to provide guidance as to how to talk about the company online. However you’d like your employees to discuss (or not discuss) your company online, give them guidance.

Two words of caution: 1) It is dangerous to require employees to use their own personal social media accounts to connect with your company online. They may choose to do so, but let that be their choice. The last thing any manager wants is to learn more about an employee’s private life than he/she needs to know. 2) Before you write the policy, reread tip #3 and the memo from the National Labor Relations Review Board. It may save you a lot of headache down the road.

#8: Emphasize Education

The boundaries between our personal and professional lives are blurring. Most employees haven’t fully realized the challenges that may develop as a result of decreased privacy. The old saying was, “What happens in Vegas, stays in Vegas.” Today, a more accurate statement is, “What happens in Vegas, stays on Facebook.”

As I read the court cases that come out about social media, it seems to me that many of the cases arise out of ignorance, not malice, on the part of the employee. Many employees haven’t fully thought through the consequences of their cyber-behavior. By providing cyber-safety education to their staff, employers are preventing problems before they start.

Just as you have two policies, one for job-related activities and one for employees using social media in their personal life, employee education can also take two tracks:

  • Provide job-related training to staff engaged in social media on the organization’s behalf. Ongoing, regular training helps keep your organization current and gives staff an opportunity to network with others in the field.
  • Educate all staff on Internet safety. This education might include how to protect ourselves from cyber-crime and how to establish and protect our online reputation.

When it comes to responsible cyber-behavior, employers have a unique opportunity to educate rather than mandate. This commitment demonstrates respect for the employees. Employees feel valued, trusted and inspired. Everyone benefits.

#9: Ask a Lawyer to Review the Policy

Legal advice is critical. It is easy to misstep, especially in the areas of labor relations. Make sure you ask a lawyer who has experience in the area – your tax attorney friend won’t be of much help.

Legal review can be expensive; however, a lawsuit would be exponentially more costly.

#10: Don’t Let it Collect Dust

The cyber-environment changes frequently. Social media policies should be reviewed at least every six months. Let everyone on the team review the policy separately and then together.

Ask yourselves, is this still relevant? Does this help us do our jobs? How has the social media environment changed recently? Are there any legal updates that apply?

Social media policies are not the most exciting part of social media; however, if they are developed well, they can support, empower and engage staff as they in turn engage your clients.

antique books

Mark your calendars to review your policies in 6 months. Image source: iStockPhoto.

What are your thoughts? What is your best advice for a company writing a social media policy? Please leave your questions and comments in the box below.

Images from iStockPhoto.
Tags: , , , , , , , , , ,

Get Social Media Examiner’s Future Articles in Your Inbox!

Join 450,000+ of your peers! Get our latest articles delivered to your email inbox and get the FREE Social Media Marketing Industry Report (49 pages, 77 charts)!