Legal worries can be one of the biggest roadblocks on the path to social-media success. Companies can run serious legal risks by wading into social media unprepared. But worrying too much about unspecified risks can keep a company from adopting the technology entirely — and then they risk being left behind.

To get better of idea of how companies can protect themselves from social-media risks, I asked Harriet Pearson, IBM’s vice president, security counsel and chief privacy officer, to explain what goes into a great social-media policy. Here’s what she had to say:

What are some of the biggest unnecessary risks you see companies taking in the social-media space?

One of the biggest unnecessary risks that companies take is not having a social-media policy. While social-media tools present opportunities and potential for productive, collaborative relationships, they also can raise issues related to information security, disclosure of intellectual property or confidential information, privacy and governance. Organizations should acknowledge that social-media tools exist (and that employees are actively using them) and establish policies that clarify the boundaries and guidelines of appropriate use for their employees.

Should companies build their social-media plans from scratch? If so, what should they bear in mind? If not, what would you recommend using as a template?

Organizations should assess their individual exposures and risks in the social-media space based on the industry that they’re in, the regulations they are subject to and the scope of their employees’ use. It would be beneficial to explore what others have done and learn from and/or model their progress, but companies need to tailor their policies to suit their needs. A policy clearly stating what a company’s employees should or should not do will be based on an understanding of which employees are using the tools and how they’re using it.

IBM’s published social-computing guidelines on its website are revised biennially with input from employees. How did the company originally develop these policies? How has this collaborative process developed between the legal team and actual users of these social platforms?

In 2005, IBM became one of the first corporations to establish guidelines for employee behavior in social-computing environments. These guidelines, initially known as the company’s blogging guidelines, were initiated and written by interested employees and ultimately endorsed by the company. They were expanded to cover social computing generally in 2008 and are now known as the IBM Social Computing Guidelines. Since then, we have taken a collaborative approach to developing and evolving the social-computing guidelines, getting employee input on revisions (using wiki technology); the guidelines were updated in 2008 and 2010.

From IBM’s policy-creation process, what best practices can you share? How detailed does a social-media policy need to be?

Organizations should have an understanding of how their employees will use social-media tools. The guidelines shouldn’t be created in a vacuum. Know your organization’s industry and what regulations you are under. It is imperative to establish social-media-conduct guidelines that set the ground rules for their participation. These guidelines would be, to a certain extent, common sense — don’t harass, don’t use obscene language, be respectful and so forth. But they would also cover corporate policy regarding such things as disclosure of confidential information and intellectual property, and they should open the communication channels between employees and management and legal in the event they have questions or concerns regarding whether something should or can be posted.

IBM also has an internal social network called Beehive. Have you created separate guidelines and policies for using this internal network? Do you and your team use Beehive?

There are generally no separate guidelines for Beehive (now known as SocialBlue) or other internal social-media tools used at IBM. The social-computing guidelines that we established cover both internal and external social- media applications, and build on the company’s foundational Business Conduct Guidelines, which apply to all employees regardless of medium.

Pearson will speaking at the upcoming Social Media Legal Risks and Strategy conference in Washington, D.C., from Jan. 12 to 14.

What does your company’s social-media policy look like? How has it evolved over time?

Image credit: peepo, via iStockPhoto

Related Posts

8 responses to “How to create an effective social-media policy for your company”

  1. […] This post was mentioned on Twitter by SmartBrief on SocMed, Kathy Meyer, Jeff Gibbard, SHAFI ISLAM, Santi Chacon and others. Santi Chacon said: How to create an effective social-media policy for your company: Legal worries can be one of the biggest roadblo… […]

  2. Social media networks are definitely a great place to build a network, find business partners, like minded people and can find what others are working on, can learn things when we found useful messages etc..So companies need to setup a strategic platform within their teams. You should monitor who are brilliant and how they are engaging your business from their profiles. When you find people lack interest to update about your business, you should motivate them by explaining the benefits how company and they can get by doing social participation etc..
    My recent post 8 Ways To Optimise Your Blog – Part 1

  3. […] This post was mentioned on Twitter by IBM System x, AVNET México. AVNET México said: Cómo crear políticas efectivas para Redes Sociales en su empresa. Entrevista con el Vice Presidente de IBM H.P. Pearson […]

  4. Peggy Dau says:

    I love the focus on employees. Yes, they are social and recoginizing that is the first step to creating a meaningful policy. Most employees mean well and want to represent their company in a positive light. helping the understand the company position on social media, empowers them to become a stronger advocate for the company.

  5. […] Know your workers to create smart social-media guidelines A social-media policy won’t be effective unless you take into account all the ways your workers use social tools, says IBM executive Harriet Pearson. Before laying down the law, take the time to think about who will be using social media, and create commonsense guidelines based on actual situations workers could find themselves in. “The guidelines shouldn’t be created in a vacuum,” Pearson says.  SmartBrief/SmartBlog on Social Media […]

  6. […] Stanchak, J. (2010, December 1). How to create an effective social media policy for your company. [Web Log Post]. Retrieved from… […]