Social Media Policies and Procedures (Part 1)

It’s a fact of life, social media is here to stay. Sites like Facebook, Linkedin, and Twitter are all reaching critical mass. It’s not just a network for college students or adolescence teenagers anymore. We’re starting to see professionals, celebrities, and even politicians publishing profiles, blogs, and even tweets. Rather than use a wait and see approach, companies should be proactive and take steps to build a framework for a well developed company policy on the use of social media.

Companies should develop and formalize official company policies and procedures for the use of social media and social networking. For purposes of this post, I refer to social media as any usage of Web 2.0 technologies and sites such as blogging, microblogging (twitter, plurk), photosharing (flickr, twitpic), video sharing (YouTube, Vimeo), lifecasting (blogtv, qik), networking (Linkedin, Plaxo), and so forth. If you don’t understand what social networking is, refer to the short video in the media box.

Creative Commons License photo credit: : amanda

Developing formal company policies on social media

The Virginia Lawyer’s Weekly published an article suggesting that companies develop formal policies regarding employee blogging to manage risks. Increasing use of social media, for professional and personal reasons, calls for the needs to clearly defined allowable uses of these tools.

A good policy should clearly define the extent and definition of social media and social networking. It includes blogs, networking sites, photo sharing, video sharing, microblogging, podcasts, as well as comments posted on the sites. Because social media is relatively new and growing exponentially fast, policies should be general enough to encompass new technologies and media, yet be specific enough to cover all areas of concern.

Putting disclaimers and disclosures

If you work for a corporation, nonprofit, or government agency, it’s always a good idea to be clear to your readers and network that the information you post is not reflective of the company you work for.

Here is an example of a disclosure statement to include in your personal blog to ensure that readers are aware that the content of your blog is yours and yours alone and do not represent the views of the company:

“The posts on this site, including but not limited to images, links, and comments by left by readers, are my own and don’t necessarily represent my employers positions, strategies or opinions.”

Sample Social Networking Policies

Below are some suggested policies that you can incorporate into an official company policy:

The following is the company’s social media and social networking policy. The absence of, or lack of explicit reference to a specific site does not limit the extent of the application of this policy. Where no policy or guideline exist, employees should use their professional judgment and take the most prudent action possible. Consult with your manager or supervisor if you are uncertain.

  1. Personal blogs should have clear disclaimers that the views expressed by the author in the blog is the author’s alone and do not represent the views of the company. Be clear and write in first person. Make your writing clear that you are speaking for yourself and not on behalf of the company.
  2. Information published on your blog(s) should comply with the company’s confidentiality and disclosure of proprietary data policies. This also applies to comments posted on other blogs, forums, and social networking sites.
  3. Be respectful to the company, other employees, customers, partners, and competitors.
  4. Social media activities should not interfere with work commitments. Refer to IT resource usage policies.
  5. Your online presence reflects the company. Be aware that your actions captured via images, posts, or comments can reflect that of our company.
  6. Do not reference or site company clients, partners, or customers without their express consent. In all cases, do not publish any information regarding a client during the engagement.
  7. Respect copyright laws, and reference or cite sources appropriately. Plagiarism applies online as well.
  8. Company logos and trademarks may not be used without written consent.

Remember that this is only a sample and framework for social media policies. In developing policies and procedures for your company, you should tailor the language to reflect the culture and the company environment. Depending on the usage of social media, policies should be more or less explicit, particularly in defining terms.

Creative Commons License photo credit: Hyaku Shiki


The following is a list of social media policies. If you have any other good resources, please let a comment so I can update the list for others.

Company Policies:

Blog posts on social media policies:

A Call for Help

This post is by no means a comprehensive set of policy examples, guidelines, and resources. Please leave suggestions and references in the comments. I will update and grow this post to reflect your feedback.

Edit: 3.3.2010 – Thanks for coming to read. The search engines have been pulling a lot of you to this post. If your company is looking for an assessment, my firm offers performance based management system reviews that also addresses your social media strategies. Check out my professional profile on my company website.

Published by Daniel Hoang

Daniel Hoang is a visual leader, storyteller, and creative thinker. As an experienced management consultant, he believes in a big picture approach that includes strong project leadership, creative methods, change management, and strategic visioning. He uses a range of visual tools to communicate business challenges, solutions, and goals. His change strategy is to build "tribes" of supporters and evangelists to drive change in culture and organization. Daniel is an avid technologist and futurist and early adopter.

26 thoughts on “Social Media Policies and Procedures (Part 1)

  1. You've got some great resources here, Daniel, but my one concern is companies trying to shoehorn into people's personal lives. We are moving into a future of work (delayed slightly by an economy that makes most desperate to keep the jobs they have) where the work-life boundaries are blurring very quickly, and where talented people will be less and less tied to a company. You don't differentiate in the blog policy section on whether this all applies to personal blogging – I would be comfortable with a company that held me to the first bullet, but definitely not if the rest were to apply to a personal blog developed and written on personal time.

    And idea for expanding on this post would be to look at cases, especially litigated cases, around employees and these issues.

    Nice work putting this together.

    1. i agree with you my friend. Who could have imagined that after two years, facebook would be so deep in peoples lives… And the funny thing is that most of us give our personal info without hesitation…

  2. With the exception that companies should develop policies, but not necessarily need to as you stipulate, I agree with the rest.

    Also, my take is firms should emulate IBM from the perspective their employees created the guidelines; managers merely provided input alongside. Point is, when a company dictates policy on social tools without social input by the employees, there's a risk the employees could jump ship and/or find ways to skirt around it.

    For similar resources as the ones you list, check out my roundup on the BBC and others.

  3. @adriel – Great tip. My post generalized social media usage and did not differentiate company usage vs. personal usage. I'll consider editing the post or writing future posts re: company blogging policies vs. personal blogging policies. I'm also going to research any legal cases. I think there was the Google employee posting a while back.

    Regarding blogs written on personal time, I think employees should be careful in their personal work, even during off hours. I tend to be more conservative and include all appropriate disclaimers and disclosures when possible.

    @Ari – I agree on "should" and updated the post to reflect that. At this point in the game, I think we don't have a good set of "best practices" yet, other than a few like IBM. It's evolving and growing as social media reaches critical mass. Company policies are best when employees provide input. Thanks for your link, I added that to my list of resources.

  4. Respect copyright laws, and reference or site sources appropriately. Plagiarism applies online as well.

    I believe that should be cite, not site.

  5. What about corporations who are concerned more over allowing unrestricted access and/or viruses? I intended to write an article about how companies can insure the result of a hack/crash/breach, but would like to have an IT talk about proper security. Your article is a good third angle, and I will link to it or repost it on my site with your permission.

  6. @modred11 – Thanks, good catch. I need to hire an editor.

    @Kevin – Access to any social networking site should be part of the IT security access policy, no different than going to I think there's a greater concern regarding leaking of confidential information, intentionally or unintentionally. Please do reference my post. Looking forward to seeing your perspective.

  7. Thanks for the resources, Daniel. While I understand the necessity, I'm hopeful companies can take a less-is-more approach (and wonder if that's not better from a legal standpoint as well). I think organizations would be wise to couple any guidelines with education and empowerment, and fundamentally embrace their employees' participation in the brand. They're going to be out there, with or without your help, so I think there's some incentive to ensure they're well informed (and happy, too).

  8. @Brant, much agreed. While less is more is preferable for employees, the employer may wish to take a more conservative approach. That said, you are also very right that employers should take a much more participatory approach. They should embrace employee interactions on line and even encourage it to build the company brand. However, they should also draw guidelines to protect the company, and the employee as well.

  9. Pingback: Carl Weinschenk
  10. Daniel:

    Thanks so much for your guidance and the well-chosen links. In certain fields, pharmaceutical and health care arenas, for example, I think you're right that employers will take a more conservative approach. They have too, as they are governed by lots of regulations designed to protect the patients they serve.

    As for Adriel's comments about blurred lines between public and private personas, most people will likely begin to create multiple accounts on social media sites to separate their career facades from their private identities. Then the demarcation between them is distinct and the differing rules apply.

    1. Carmen,

      Much late reply but regarding the blur between public and private personas, I think having a separate account for multiple purposes CAN defeat the purpose of social media to connect. When business and SOME personal combine, you truly know the person, rather than some professional persona that they reveal.

  11. There are a lot of issues that some people may not be aware of when they worry about companies horning in on people's personal lives. In some cases, companies HAVE to be concerned about those things. For example, I work in a highly regulated industry. We could face huge fines if one of our employees uses the wrong words in an online listing or even inadvertently projects the wrong image in a blog. So it's not as simple as just worrying about people's personas… Does anyone have examples of policies of companies in the securities industry? It would help me as I try to ensure that our company is fair as we revise our guidelines…

    1. I don't have any specific examples but would love to hear from you if you find some. You're definitely going into the unknown at this point. I presume that most companies, particularly in your field have non-disclosure statement and policies. Social media is simply another medium for communication. An employee shouldn't post something online just as they wouldn't publish an ad in the local newspaper containing the same information.

  12. Chris, thanks for the fantastic link. I look forward to seeing your book.

    I think an analysis table is in order to do some comparison and best practices analysis. I'd like to see common elements across the different policies and any unique elements that organizations may want to include in theirs. This is a great start. Hope to help you grow this further.

  13. I wrote this quite a while ago and yet I still continue to go back to it as reference. It was meant as a starting point for a discussion and an eventual policy. Many companies have gone the wrong way and outright banned social media in the workplace. A company can suppose their employee's social media usage but also put in guidelines to protect itself and its employees.

Comments are closed.