Top 10 tips to protect yourself from employees’ (mis)use of social media

Article Index
Overview

Everyone seems to be using social media. Your employees’ use of social media can seriously damage your organisation. A click of an employee’s mouse could result in your company facing the risk of claims for potential breaches of customer confidentiality or damage to its reputation from your employee’s defamatory comments. Cyber-bullying claims from individual employees against the company are also becoming more common. Not only do you have to face these risks, you also have to manage the potential reduced productivity caused by employees’ waste of working time on social networking sites for their personal use. Here are 10 ‘top tips’ to help you protect your business against the risks of the increased use of social networking.

1. Communicate the new risks

• Make it clear to all staff that their use of e-mail and social media outside work is not necessarily private and has the potential to damage the company’s business reputation in the eyes of clients.
• Make it clear that employees must not make discriminatory comments about colleagues in any public forum.

2. Update your disciplinary policy

• Make sure your definition of gross misconduct includes reputational damage caused by the misuse of social media and disclosure of confidential information online.
• Make it clear to all employees the consequences of, for example, posting confidential company information about customers or pricing on a network site where their action will clearly have a damaging effect for the business.
• Don’t dismiss automatically. Do check the disciplinary policy before you decide to dismiss an employee because of their use of social media. Ensure that dismissal is proportionate when compared to your social media policy.
• Any dismissal needs to be consistent with the sanction applied in other cases. Consistency in disciplinary decision-making will help you defend any claims of unfair dismissal.
• To help maintain the standards, keep communicating your aims and values to employees internally to emphasise the benchmark for employee behaviour.

3. Protect against new risks by updating your use of internet and e-mail policy

• Give clear guidelines to employees as to what you consider to be acceptable conduct when they use social media.
• Be clear on postings relating to the business (in particular on Twitter, Facebook, My Space, Bebo, etc.) and contact via social networking with business contacts (for example, using LinkedIn).
• Think about inserting a requirement that employees insert a disclaimer into any blog (weblog) stating that ‘any views contained in the blog are those of the employee are not representative of the employer’s views’.
• Tell employees how you will monitor internet usage.

4. Explicitly cover out-of-office behaviour in your internal policies and link the policies to protect against new risks

• Give examples in your policies of unacceptable behaviour by employees outside of the office and office hours, for example, where their comment impacts on the company’s reputation or where they misuse other employees’ personal data.
• Make clear that breaches of other company policies amount to a breach of the disciplinary policy where this is appropriate.

5. Take a stance on the extent to which you want to encourage social networking at work

• Decide as a company and make clear whether you will allow employees access to social networking websites from your computers at any time or whether you will add websites of this type to the company’s list of restricted websites.
• Consider whether you also want to prohibit employees from publishing any content on the internet during work hours or using company systems.
• High-value, time-critical, company information may justify a ban. However, younger applicants to the company may be attracted by a business which exploits the commercial benefits of social media.

6. Keep evidence of any damage to reputation from employees’ use of social media

• Support any decisions you take to discipline an employee.
• The evidence should be more than just distaste or disapproval for what has been said - a customer or client complaint is good evidence.

7. Use tailored internal training to make company expectations clear to all employees

• Training can/must reinforce your updated policies.
• Make it clear to employees that on-line behaviour, even outside the workplace, should conform to the appropriate standards.

8. Review your standard employment contracts to check the level of confidentiality protection they give

• Check that your contracts of employment contain effective confidentiality provisions and that it is clear to an employee the types of information that are regarded by you as confidential and must not to be disclosed to the public.
• The current legal position is unclear as to whether you can require employees to return client contact information listed by them on LinkedIn, on the termination of their contracts. However, if the law changes, you may be able to require this in the future.
• Remind employees that compliance with policy rules is a contractual obligation and that breach of the disciplinary or internet/e-mail/social media policy is a disciplinary offence.

 

9. Restrict access to confidential information on a need-to-know basis

• Best practice is to limit confidential company information to those employees who need it - this should limit the extent of any problem.

10. Decide to what extent you want to use social media to gather information for recruitment decisions

• More frequently, HR professionals are using Facebook to gather information about potential candidates. You should therefore consider for what purpose, if any, your managers should use social networking for recruitment purposes and at what stage in the process.
• Give clear guidance to recruitment managers – so that they know what information they are permitted to look at and take into account.