Today, many organisations are still unaware of the common risk and compliance issues related to social media. With the benefits of engaging audiences through social channels too great, and the practice of prohibiting social media use no longer feasible, organisations need to take social media risk and compliance issues seriously.
Perhaps the greatest concern is the apathy of those teams or organisations, who despite being in the know, still focus solely on the opportunities that social media offers, and ignore the necessary risk and social media compliance requirements.
It is also important to consider what role social media plays in a legal and regulatory capacity. One key question is how to stay on top of changing guidance and best practices when the social media networks and tools are evolving so quickly? Fortunately, there is a growing amount of guidance and established practices to help organisations navigate the potential minefield of social media law, regulation and compliance.
Social media law & best practice
One of the first regulatory bodies to publish guidance on using social media, the Financial Conduct Authority (FCA) has led the way in establishing best practice and advice to organisations on how to stay compliant with the law when on social media.
The FCA’s guidance on social media is intended for organisations that are governed by the FCA working within the Finance sector, yet it contains several valuable points that any enterprise can adopt, regardless of industry sector, to help stay on the right side of social media legal restrictions.
1. Retweets are endorsements
Organisations are entirely responsible for any content that is published, shared or retweeted by its social media accounts. This is something that many are unaware of, so it is vital that social media teams are fully briefed and trained about the negative implications of sharing or retweeting controversial content that is originally posted by another account. This impacts both corporate accounts and personal accounts.
This can be particularly difficult for companies to grapple with, as it might not be the content within the actual retweet that causes embarrassment but the association. It may be the previous content posted by the social media account that could trigger a PR crisis.
Many organisations state in their social media bios or policies that retweets do not constitute endorsements, however, this provides no legal protection in the event of a dispute.
2. Record keeping
For the protection of both the organisation and the employee, organisations are expected to keep full, clear records of social media Interactions, which can be referred back to by compliance teams for governance purposes. If senior managers are required to investigate customer complaints, for instance, then records must be kept so that they are able to conduct such an investigation.
Social media platforms like CrowdControlHQ help ensure organisations remain fully compliant with industry regulations, by recording all social media activity outside of the native social media networks.
3. Social media risk management
Organisations are advised to put in place adequate social media “risk management practices”, encompassing all relevant risks, including legal, operational, IT and reputational risk. Risk management is a key theme of the RESPECT Model, though its inclusion in these guidelines shows there is an expectation that organisations manage this risk to remain compliant.
According to Forrester’s Social Media Risk and Compliance report,
“all organisations need to manage social media risk..., but very few do.”
They recommend the use social media software like CrowdControlHQ to “enable, and even optimize, social engagement while enhancing oversight and mitigating risk and compliance concerns.”
This blog is an excerpt from The Complete Guide to Enterprise Social Media. Download a copy of the guide to learn more about how you can ensure that your social media stays on the right side of the law.