Social Media Policies: 14 Key Guidelines

Make social media policies a subset of your overall business strategy.

September 7, 2010

Are written social media policies necessary? Yes, according to “Social Media Guidelines and Policies,” a white paper from the CUNA HR/TD Council and the CUNA Marketing & Business Development Council.

Subscribe to Credit Union MagazineWhether your credit union sponsors a blog, a Twitter account, a Facebook page, or any other social media site, written policies define appropriate employee behavior in this brave new, evolving world.

Here are key elements to include in the guidelines:

1. Introduction and purpose of social media

The policy needs to start with an introduction that explains the purpose of the policy or guideline, notes the whitepaper. The introduction should state explicitly who the policy is written for. The policy should also give an explanation of the purpose of social media—often noted as a “platform for mass collaboration.”

2. Core values

After the introduction, some credit unions might want to emphasize that employees should carry over the organizational values and mission to the online venue. It’s important to be the same person online and face-to-face. Laws, regulations, and appropriate behaviors still apply. Being online provides no special rights or privileges; we are still accountable for our actions.

3. Accountability

Social media has democratized the workplace by giving everyone a chance to have a voice in the marketplace of ideas and commerce. Ideas and voices that are unique and interesting rise to the top; others may linger in the basement. We are all responsible for what we write. Unlike a conversation, written words on the Internet tend to stay posted for a long time and are difficult to delete, so writers must be responsible, accountable, and not anonymous.

4. Inappropriate use of social media

What is inappropriate use of social media and what is acceptable behavior? Which sites are OK to visit and which ones are taboo? Include a section in your guidelines that explains inappropriate use in a straightforward manner.

5. Financial disclosure

Any time a financial product is mentioned in a blog, a tweet, or another form, financial disclosure laws apply online. State that if any employee mentions a product online, he or she must comply with advertising disclosure regulations. Mentioning products is OK, as long as the page links back to the credit union’s website page that lists the proper disclosures.

6. Identification as an employee online

Employees belong to various social networks and identify themselves as credit union employees. If they choose to do so, here’s a suggested guideline: Be aware of your association with the credit union in online social networks. If you identify yourself as a credit union employee, ensure your profile and related content is consistent with how you and the credit union wish you to present yourself. This includes what you write about yourself and the types of photos you publish.

7. Copyrights

The issue of copyright in the Internet age is continually changing and confusing, but it’s an issue employees must respect. Remind them to respect the laws governing copyright and fair use of copyrighted material, including the credit union’s own copyrights and brands. When quoting someone else’s work, they must attribute the quote to its author.

8. Confidentiality

Members trust their credit union to protect their financial assets and information. Here’s a sample confidentiality statement from the whitepaper: You may not post any sensitive, confidential, proprietary, or financial information about the credit union, its members, or its employees. You must not use or disclose the credit union’s, its members’ or your co-workers’ confidential, proprietary, or otherwise sensitive business or personal information on your personal blog or other social networking sites.

9. Defense against personal attacks

Few events could be more punishing to the organization’s morale than personal attacks or heated conversations that should be carried off-line. It’s appropriate to encourage questions and discussion about posted content, but without personal attacks on the writer or those who comment on the post. Also, remind users that failure to respect fellow participants on the social media site could result in removal and blocked access.

10. All rights reserved and hold harmless

The social media site should state the parties’ legal rights. The council white paper suggests this wording:

All rights reserved: The blog owner, administrator, contributor, editor, and/or author reserve the right to edit, delete, move or mark as spam any and all comments. We also have the right to block access to any one or group from commenting, or from the entire blog.

Hold harmless: All comments within this blog are the responsibility of the commenter, not the blog owner, administrator, contributor, editor, or author. By submitting a comment on our blog, you agree that the comment content is your own, and to hold this site, [name of site], and all subsidiaries and representatives harmless from any and all repercussions, damages, or liability.

11. Language and behavior

The goal of social media is to be “family friendly” so communication can flow freely. Inform participants that if a conversation takes a step or two downward, the administrator will delete offending words. Also, communicate that people who run on without saying much, or who add unnecessary links will also be edited or deleted.

12. Spam

One petty annoyance of the computer age is spam. Make sure your policy informs users that comments focused on selling a product or service, or comments posted for a purpose of driving traffic to a particular website for personal, political, or monetary gain, will be excluded.

13. Security

Some people avoid participating in social media because they fear their data will be compromised. This is a legitimate concern as hackers continue to find ways to place malicious links in social networking sites and tweets, even those from sources thought to be secure. Attackers can use the sites to mine employee and confidential information. Employees might also unintentionally publish information about products and services that may fail to be compliant with laws and regulations. Consider creating a virtual, fictional individual to serve as the organization’s spokesperson, so real names aren’t used. This also helps eliminate the potential of attackers mining employee information.

14. Social media issues and response

All organizations should designate a person or a team to deal with social media issues, and responses to issues concerning the credit union. Again, this might be a virtual, fictional individual for security reasons.

“Social media is slowly altering the workplace in ways that are being viewed as both beneficial and detrimental within the financial services industry,” notes the council whitepaper. “Policies and guidelines are useful because they give answers to recurring questions as well as guidance to a new environment that continues to evolve and is sometimes confusing to employees and management. Neglecting to write policies and leaving it to common sense is no longer an option.”

For more information, visit