Having a social media policy for your business is the best way to make sure your employees know how to act on various channels. It can also help stave off legal or security problems.
Remember when Wendy’s tweeted an image of Pepe the Frog? Oops. There aren’t many more embarrassing situations than accidentally aligning one’s burger chain with white supremacists. Unfortunately, it’s all too common for a company to have to apologize for an employee’s thoughtless tweet. And it could have been avoided if that employee had been given proper guidance from the start.
In this guide you’ll find the tools you need to create a social media policy and put it in place across all your channels. We also provide a few good examples of policies from recognizable brands.
Bonus: Get the step-by-step social media strategy guide with pro tips on how to grow your social media presence.
What is a social media policy?
A social media policy outlines how an organization and its employees should conduct themselves online. It helps safeguard your brand’s reputation and encourages employees to responsibly share the company’s message.
But, because social media moves fast, policies that are too rigid can be ineffective in a changing situation. Think of your social media policy as a set of guardrails, rather than train tracks. It should be considered a living document. Ongoing updates will be necessary.
But it doesn’t need to be an unreadable brick either.It can be as simple as this three-pager from Adidas. The goal is to provide employees with straightforward guidelines that are easy to follow.
Benefits of a social media policy
Even if your business is already established on social media, it’s never too late to draw up a policy to help guide decision making as you go forward. If you’re just building that presence now, then even better. A good policy will be even more effective if it’s implemented right away.
1. Defends against legal trouble and security risks
Social media is a complicated legal ground for things like copyright and privacy. But strong social media policies can help safeguard your organization against potential legal troubles and security risks. They outline potential threats and include instructions on how to avoid them.
The most pressing security threats vary from industry to industry. For example, in its social media policy, the Los Angeles Times warns employees, “The social media network has access to and control over everything you have disclosed to or on that site. For instance, any information might be turned over to law enforcement without your consent or even your knowledge.” For a company that relies on its ability to protect its sources, social media can be a dangerous tool if used inappropriately.
Your policy should also explain what an employee must do if they accidentally put the company’s reputation at risk, or if they fall prey to a malicious attack.
2. Empowers employees to share company messaging
Do your employees love working for your company? If they want to spread the love, give them the tools to do it in a way that ensures they don’t have to worry about getting on the wrong side of their boss.
With clear guidelines, companies can help employees understand how to use social media to promote the brand. Use your social media policy as an employee advocacy tool. Outline best practices for sharing company content on social, as well as commenting online—and when not to engage.
For example, Gap tells its employees to cool it around controversial subjects. “Be careful discussing things where emotions run high (e.g. politics and religion) and show respect for others’ opinions.” It also warns them against engaging with negative comments, posting confidential information about the company, or talking about internal strategies.
An employee advocacy tool like Hootsuite’s Amplify makes it easy for employees to share pre-approved social media content. This reduces risks to your company and ensures everything is accurate and on-brand.
3. Creates consistency across channels
What is your brand’s voice? Is it the optimistic, firm-hand-on-the-tiller voice of General Electric? The snarky, youthful voice of Wendy’s? Or is it the bonkers, over-caffeinated voice of Moon Pies? That’s for you to decide, and to communicate to the people who often form the front line of public engagement.
If you have public-facing employees, you also need to make sure they are aware of any brand standards. For example, you may want your employees’ Twitter handles to include a reference to your brand. Or you may want to have certain requirements of those who do.
At Hootsuite, we encourage employees who interact with the public on behalf of the company to create a Twitter handle using this naming convention: @Hoot[individual’s name]. This makes it easy for customers to identify Hootsuite employees and engage with them.
This part of your social media policy should also address proper use of images, video, and other media. If your business calls for social media images that are consistent with your brand, you need to outline these requirements in your policy.
What to include in a social media policy
Break your social media policy into two areas:
- Social media policy for the company’s official accounts
- Social media policy for employees
While there is overlap between the two areas, there are aspects of both that may need specific detail. Separating them will help keep your policies clear and easy to follow.
1. Rules and regulations
This section should outline your company’s expectations for appropriate employee conduct on social media. For example, many policies ask employees not to swear or state controversial opinions when posting about the company.
This section might include instructions on:
- Brand guidelines: How to talk about your company and products
- Etiquette and engagement: Outline how — and if — you want employees to respond to mentions of your brand (positive and negative)
- Confidentiality: Defines what company information should not be shared on social media
- Consequences: Instructs employees and managers on the consequences of abuse of social media
- Social media for personal use: Lays out how and when employees should use social media, and what to avoid
2. Roles and responsibilities
After the 2017 Boston Marathon, Adidas stole the spotlight in the worst possible way. An employee sent out an email saying “Congratulations, you survived the Boston Marathon.” Theevent that had been the target of a horrific terrorist attack just four years prior.
You can bet within minutes of that email, meetings were called to discuss how to respond to the inevitable social media backlash. Having a plan in place ahead of time, and knowing who handles what, is key to responding effectively in a crisis.
In this section, define who is responsible for specific social media governance tasks. Start by creating a table broken into two columns. The first column should define a specific social media responsibility, such as brand guidelines. The person responsible for governing that responsibility should appear in the second column.
Social media roles and responsibilities to assign might include:
- Message approval
- Crisis response
- Customer service
- Social engagement
- Security and legal concerns
- Staff training
- Social media monitoring
3. Potential legal risks
There are a lot of legal risks involved with social media.And working fast across large teams can amplify those risks.
Your social media policy should provide clear guidelines for handling any areas of potential concern. Those legal risks vary from country to country, so do your research and get legal counsel.
Some topics that this section should cover are:
- Crediting sources: Where did this come from? Your policy should specify how your team will credit original sources if they are reposting or borrowing content from an external source (an image, for example).
- Privacy and disclosure procedures: Define what is considered confidential and non-sharable, such as plans for a rebranding announcement or customer information.
- Employee disclaimers: Tell employees to include a disclaimer when publicly commenting on content related to your business that identifies them as an employee. For example, “views expressed are mine and don’t necessarily reflect those of my employer.” You may also suggest employees add such a disclaimer to any publicly accessible bio, such as Twitter or LinkedIn.
- NOTE: It is also important to identify what such a disclaimer does and does not mean. For example, the City of Edmonton’s social media guidelines have the following to say about disclaimers: “As an employee, you are still perceived by members of the public as a representative of the City, even if you include a statement that your opinions are your own.”
4. Security risks
Social media can be a potent tool for scammers and criminals. From phishing scams to ransomware attacks, social media security risks are all too common. Companies must be hyper-vigilant when it comes to protecting their online presence.
Social media policies can help safeguard against such risks by making employees aware of the threats, how to avoid them, and what to do should an attack occur.
Your policy should provide guidelines on how to:
- Create secure passwords and set up two-factor authentication
- Keep software and devices updated
- Avoid phishing attacks, spam, scams, and other malicious threats
- How to identify an attack
- How to respond in the event of a security breach or attack
When public mistakes happen, the first line of defense for the affected company is to point the finger at the employee who went rogue. After all every employee is responsible for what they publish online. But to avoid embarrassment in the first place, remind your people to exercise caution and common sense. Whether they’re posting on behalf of the company or on their personal channels, it’ll be the company’s reputation that suffers.
How to implement a social media policy
Seek input. This policy should be crafted with employee participation. This will help ensure all your bases are covered and that everyone buys into the program. It should be an ongoing process.
Focus on the big picture. Social media changes all the time, including which networks are the most popular and how they’re being used. Don’t get too caught up on providing specifics for each channel. Instead, provide guidelines that are as universal as possible.
Don’t discourage use. The language and content of your policy should be designed to encourage employees to be active on social and champion your brand. They’ll be on there anyway. Two thirds of Canadians and Americans are on at least one social network. Avoid creating a document of DON’Ts. Instead, give your employees the tools they need to keep out of trouble and harness the potential of social media.
Social media policy examples
Here are some social media policies from both the private and public sectors that you can use to inform your own.
Corporate social media policy examples
- Adidas Group: A concise three-page guide that clearly communicates the key points with a conversational tone.
- Walmart: Walmart’s guidelines are conversational and brief. But they identify specific social networks (Facebook, Instagram and Twitter) instead of focusing on broadly applicable principles. Many of the network-specific guidelines would be just as effective as general rules.
- Coca Cola: This opens with “company commitments,” general concepts rather than context-specific instructions.
- Nordstrom: This is a nice, concise document, though it isn’t broken down by sections, which would make it easier to absorb.
- Best Buy: This one-page document does a good job of clearly defining its expectations for online conduct. Like Adidas, Best Buy outlines the bulk of its policy in bullet form.
- Greteman Group: This document balances etiquette expectations with employee empowerment. It’s also peppered with humour.
- Shift Communications: Shift positions their policy as an easily digestible top 10 list.
Journalism social media policy examples
- Associated Press: This is a more comprehensive policy with great situational examples.
- Reuters: The “Is it a hoax?” section proves policies don’t need to be boring. You can create a document that uniquely reflects your brand voice.
- Canadian Broadcasting Corporation: This gives directions specific to journalism, such as concealing a journalist’s identity. It also includes rules for personal use of social media.
Government social media policy examples
- Government of Canada: Though thorough, this document could use clearer language and sections. You don’t want to create a document that is a sprawling set of webpages.
- Government of New Zealand: To find a great example of government social media policies we actually had to go as far as New Zealand (expenses not paid, sadly). This document may be on the long side, but the language is accessible, it’s all in one place, and it follows the best practices listed above.
Social media policy examples for the health-care industry
- Mayo Clinic: This one gets a gold star for concision. It touches on disclosures and employee disclaimers in under 500 words. That’s about the length of a normal news article. It also provides links to policies on computer usage, patient confidentiality, and mutual respect.
- The Ohio State University Medical Center: This is a great example of how to separate your organizational and personal use sections. The policy starts with a clear definition of both and explains the procedures and policies that apply to each segment.
Social media policy examples for higher education
- California State University East Bay: This policy starts off with a quick rundown of basic social media principles. There’s also an explanation of its guidelines and those that are specific to academia.
- Tufts University: Tufts provides separate policies for official and personal social media activities. The former covers everything from best practices to individual responsibility.
- Harvard University: For the birthplace of modern social media, Harvard’s social media policy could be better. It’s long and complicated, but it’s well organized.
Hootsuite makes it easy to protect your brand across all social channels. From a single dashboard you can easily manage permissions, approve posts, edit messages, take advantage of compliance and security tools, and more.