Social media and technology policies

You need a social media & technology policy for your business

Facebook claimed to have 665 million active users on average each day in March 2013, and in March 2013, it was estimated that there were 500 million Twitter accounts. With increasing numbers of social networking sites available, and more and more people creating social networking profiles, employers should look to protect themselves from the risks associated. Email and internet usage generally are also of major concern to today’s employer.

So what are the risks to an employer and how can those risks be managed before and after they affect a business?

Damaging the reputation of the organisation

The most obvious risk for many is likely to be an employee damaging the reputation of their employer with one of their social media site postings. It may be that the employee has posted something derogatory about the organisation they work for, or they may have posted a strong opinion or a photograph that they hold that does not reflect well on you as an organisation.

The risk of this happening can be minimised by having a good, clear social media policy, setting out what is and isn’t acceptable by the employer in respect of social media sites and postings, as well as email, smartphone and general internet usage. You should make your employees aware of the existence of the social media policy, and frequently draw their attention to it. For example, you could consider sending six-monthly emails to remind employees that the social media policy exists.

Additionally, you may wish to consider staff training to highlight to employees the importance of setting their social media profiles to private. Some companies even strongly encourage employees not to link their social media profile to their employer in any way.


Cyber-bullying is a popular subject with the media at the moment. Although the more prominent reports seem to feature children and young adults, cyber-bullying is still an issue amongst adults. Cyber-bullying is not at all uncommon between colleagues.

So what can you as an employer do to try to prevent cyber-bullying of their employees? It is of course difficult as it is hard to monitor what is going on outside work and particularly in private messages. The first point of call would again be a policy – this time an ‘anti-bullying’ policy. If your organization doesn’t have an anti-bullying policy, now would be a good time to introduce one, and to include cyber-bullying within the policy. If you already have an anti-bullying policy at work, it should be updated to reflect the organisation’s stance in relation to cyber-bullying.

Having a strong, supportive environment will encourage those who are being bullied to report it to the relevant person so that it can be dealt with appropriately. Again, staff training may be suitable to emphasise to set out what constitutes cyber-bullying, and to reiterate that bullying will not be tolerated in whatever form. Tackling cyber-bullying head-on in this way from the outset can raise awareness, prevent it from happening and encourage staff to feel confident and comfortable reporting it if it does happen. If you are made aware of cyber-bullying, investigate thoroughly and consider disciplinary action against the bully.


For many employers, their IT systems will be the heart of, or at least crucial to, the running of their business. Should the IT system suddenly become unavailable without warning, many businesses could go into complete chaos. Similarly, a lot of confidential data relating to the business, clients and customers is likely to be stored on your IT systems, and should someone hack in it could be very damaging (never mind costly) to your business.

Ongoing staff IT training can help them understand how computers work and what they should and shouldn’t be doing. Train staff on the importance of not opening unusual or ‘dodgy’ looking emails or websites – highlight the mistakes of other organisations and how it affected them. Remind employees that their job and those of their colleagues depends on the business being protected, and explain they have a vital part to play in this. Encourage staff to seek advice if they receive an email they are not sure about – before they open it.

A clear IT policy can protect you by setting out to staff what they should and shouldn’t be doing in respect of emails and the internet. Draw your employees’ attention to the policy – not just once but regularly so it isn’t forgotten. Stress the potential consequences to an employee who fails to adhere to the policy. Setting this out can assist you with taking recourse against staff who do not comply.

To summarise

  • Policies and procedures are vital – email and internet, social media usage and anti-bullying policies are key
  • Draw attention to the policies – give employees time to read them during the working day
  • Don’t allow the policies to gather dust – refer to them regularly with your staff
  • Do all you can to make employees feel comfortable reporting issues such as cyber-bullying
  • Training will pay – help your staff understand their rights, obligations and consequences of not complying with policies. Many people do not understand technology or that what they are doing may be wrong – educating helps them and you.

Find a social media policy for your company on the Rocket Lawyer UK business pages.