How to write a social media policy for your business (without upsetting your staff)

Phil Kendall

Nov 2021 ⋅ 6 min read

Social media is a big part of people’s lives today. It helps us connect, stay up to date with current events, and share our opinions with people all over the world.

For employers, however, that same connectivity brings with it a whole host of risks.

As we’ve already seen, when a misjudged tweet or offensive video goes viral, it doesn’t take long for information about the person who posted it — including the groups they belong to and the businesses they work for — to surface.

To mitigate the risks that social media presents to businesses, it’s important to have a clear policy in place for your staff to refer to.

Here are the things to consider when writing your company’s social media policy — whether your staff use sites like Facebook and Twitter as part of their jobs or not.

What is a social media policy and why do I need one?

A social media policy serves as a code of online conduct for your staff, outlining the things they should be aware of and behaviours they should avoid when using social media.

To be clear, your staff are free to use social media in their free time however they see fit, and employers should never attempt to dictate what their staff do outside work hours.

An employee’s social media usage could become a matter of concern for their employer, however, if the relationship between the two parties is clear for people to see online and the employee posts or shares something that might reflect badly on the business.

Having an entire policy dedicated to how your staff use on their TikTok accounts might seem a bit drastic, but it’s essential if, as an employer, you hope to:

  1. protect your business’ online reputation
  2. be sure that your staff know their rights and responsibilities
  3. avoid claims of unfair dismissal in the event of a severe breach of policy

Depending on the size, structure, and nature of your business, your social media policy might be anything from a couple of paragraphs in your employee handbook, to a standalone document outlining conduct to be observed on each of the major social media platforms.

Whatever form it takes, your social media policy should be made easily available to and signed by each member of your team. Similarly, if you're adding a new policy to an existing employee handbook, then be sure to bring it to your staff’s attention.

What should be included in a social media policy?

There are no hard and fast rules regarding the points that employers should include in their social media policies. As a rule of thumb, however, we’d recommend including at least the following five sections.

1. An explanatory intro

Any perceived attempt to control what your staff say and do online, especially outside of work hours, could easily be met with anger and suspicion.

For this reason, it’s important to begin any social media policy with a clear explanation of why such a policy is needed, and what the intentions of the company are when creating it.

For instance, you might begin with something along the lines of:

“[Your company name] respects the right of any employee to use social media platforms outside work hours as they wish. In order for the company to protect its interests and reputation online, however, it’s important for us to have a social media policy in place and for our staff to adhere to these guidelines.”

You’ll know your employees best, so will have a better idea of the kind of wording to use — just be sure to stress that it’s not your company’s intention to control employees’ behaviour outside of work hours, and encourage your staff to come to you with any questions or concerns they might have about the policy.

2. General guidance

Some of your team might use social media for work (and in such instances, you’ll need to provide specific guidelines for writing “as” your brand, along with a list of dos and don’ts).

For the majority of your team, however, social media will be something that they engage in in a purely personal capacity, giving them cause to believe that their posts, tweets, and videos have nothing whatsoever to do with their employer.

For this reason, it’s important to let your staff know that — even when their social media use takes place outside of work — if a particular post reflects badly on their employer through association, it could create legal liabilities for both parties.

To avoid the risk of the company incurring legal or reputational damage, staff should be reminded that they’re responsible for the things they post and share online.

With this in mind, you should remind your staff of your company’s values, code of conduct, and discrimination policy, since any online behaviour that both a) could be traced back to their employer and b) contradicts these values could be considered a breach of policy and could result in disciplinary action.

Lastly, be sure to clearly state that this guidance applies to all forms of social media, including but not limited to blogs, online forums, online ‘comments’ sections such as on YouTube and Discord, and to video and audio content as well as and text-based posts.

3. Confidentiality

Staff should be made aware that your company’s confidentiality agreement and data protection policies also apply to social media use. Be sure to link to these in your guide, or provide clear instructions on where to find the relevant documents.

Whether they’re posting in an “official” capacity as a member of your marketing team or using their own social media accounts, staff should be reminded that they’re contractually obliged to never reveal:

  • Names, addresses, and contact details of customers or company employees
  • Sensitive information such as non-public operational numbers
  • Information about the company’s partners

Regardless of whether it’s of a positive or negative nature, employees should also be dissuaded from posting on social media about interactions they have with customers, their coworkers, or their employers. Even if they’ve omitted names or used pseudonyms, it’s often possible to join the dots on social media to work out who the poster is really talking about...

4. Self-identifying

In some organisations, particularly in the US, employees are often encouraged not only to declare their association with their employer on their social media profiles, but to actively engage in online conversation as such, in order to promote the brand.

Generally speaking, however, staff should not be instructed to represent or advocate for the company they work for online unless it’s specifically mentioned in their job description (e.g. the role of social media manager), and this activity is done during work hours.

For all other roles, staff should be discouraged from openly identifying themselves online as employees of your company. This extends to not using their work email address for anything other than work-related activities. By keeping their work and private lives (and accounts!) completely separate, the risk of negative social media fallout affecting your business is far less.

Similarly, staff should never post or share company assets without permission to do so, and should be reminded that, even as an employee of your company, things like logos and images will always belong to the company rather than the employee — even if they were involved in their creation.

Staff should also be instructed that, if they do choose to identify themselves as an employee of your business, to include a disclaimer in their social media bio or profile page stating that the opinions they express online are their own. This could be something along the lines of “The views expressed by me do not represent the views of my employer,” or even just “Opinions/views my own”, but it should be in there.

Finally, your social media policy should remind staff that, if they ever choose to endorse your business or one of its products online, it’s advised that they disclose their affiliation with their employer to avoid any potential legal fallout.

5. Posting on behalf of the company

Staff should be made aware that they should never post “on behalf” of the company unless their job requires them to do so or they have express permission to do so.

Employees should also understand that, when creating or sharing social media content on behalf of the company or posting via the company’s official social media channels, they must:

  • Follow the law. Content posted on behalf of the company should always respect copyright, privacy, and fair use laws.
  • Refrain from making defamatory statements. Employees should never post (including comments or replies) or share content that might unfairly present your business, its partners, or its customers in an unflattering light.
  • Refrain from making offensive remarks. Similarly, staff should not post or share content that people — followers or otherwise — might find upsetting, such as ethnic slurs, sexist or discriminatory comments, or obscenity.
  • Adhere to style and brand guidelines. Social media content should follow the same rules regarding tone and voice. Posts should accurately represent the company or brand’s values.

Wrap up

In our increasingly connected world, where individuals’ personal details and the groups and companies they belong to are rarely more than a few clicks away, it’s essential that employers put clear social media policies in place.

Employers have no legal right to limit the way their staff use social media or express themselves online, but they should take measures to make sure that their reputations are not negatively impacted by the content their staff post or share on social media.

A good social media policy should make staff aware of their responsibilities when using social media both in a personal and professional capacity, highlighting not only the risks to employees themselves, but also the potential implications of accidentally bringing their employer’s reputation into disrepute.

Be sure to update your social media policy regularly, and remind you staff of its content wherever relevant — the last thing you want is for your team to read it once then forget it even exists.