Friday, 4 March 2016

BUSINESS ENTERPRISES AND SOCIAL MEDIA REGULATIONS/COMPLIANCE: THE NITTY-GRITTY



Social media, being one of the fast growing electronic medium in our world today, has become an essential tool for business success. A large number of organizations build strong presence on social media with majority of them having many accounts on Twitter and Facebook, which makes it easier for product branding, communication, information sharing and building strong relationship with people. Social media has come to stay. Those organizations or enterprises that choose not to key into social media could be at a competitive disadvantage and experiencing operational deficiency.

Social media has introduced complexities into the business environment which now stands as a challenge to many organizations. There are vast differences in functionality and cultural expectations on the use of social media sites both personally and professionally. For instance, Germany makes a distinction between private social media (Facebook, Twitter, Instagram) and business social media (LinkedIn). Efforts are been made by organizations and regulators to enforce appropriate compliance guidelines for social media activities.

QUESTIONS BOTHERING ON SOCIAL MEDIA

The main issue that arises from using social media in a business setting is that it alters the way we present ourselves, merging our roles as people, professionals and consumers. As we share more of ourselves on a growing number of social media platforms, questions quickly surface around appropriate social media behavior - how often and on what social networks should we post? When should we present ourselves in our professional role and when should we share our personal opinions? Is it right to be social media friends with co-workers, clients or a boss?
No doubt, these are complicated questions for individuals and absolute puzzle for enterprises concerned with how employees behave and interact within and outside workplace. Controlling employee’s social media usage is even more difficult for enterprises. The questions now are, can organizations dictate how their employees use social media? Can they monitor social media conversations or use them to learn more about prospective job applicants? When does the personal connection allowed by social media tools cross the line from business to personal? To this end, regulators and government agencies are revising specific guidelines, regulations and laws relevant to social media management and oversight. Among them are; Federal Financial Institutions Examination Council's (FFIEC) which proposes "Social Media: Consumer Compliance Risk Management Guidance" and the proposed European Union General Data Protection Regulation.  
 
A security and risk analyst (Nick Hayes) has identified five common categories of requirements that organizations must begin to address immediately to ensure social media regulations and compliance.

DATA PROTECTION AND PRIVACY
The rise of social media is in large part to blame for the growing controversy between privacy and appropriate personal boundaries, which has caused heated debates between various regulators, as people are willing to share more and more information about themselves in largely public forums. At the same time, firms are investing in advanced technology to harvest this data and convert it into actionable business intelligence. To avoid potential conflict, organizations should evaluate how they collect social media data and work to clearly address their intentions in a public way, such as through their websites' public privacy policy statements.

EMPLOYEE RIGHTS
Approximately two-thirds of U.S. and EU Web-connected adults are accessing social networking sites regularly. This means that employees in virtually any industry are likely to use social media in some form, which drastically increases a company's exposure to potentially negative branding and reputational events. To address these concerns, organizations can adopt policies to guide employee use of social media in some form. However, they must be careful that these policies don't conflict with country or state privacy laws, or other labor laws. In particular, companies should be wary of how they monitor employees, restrict behavior through their corporate social media policy, and gather information for recruiting and hiring purposes.

DISCLOSURE AND THIRD-PARTY ENDORSEMENT
A difficult issue posed by social media is how to communicate sensitive, often complicated messages with limited words. Twitter restricts messages to just 140 characters, for example, but organizations that need to comply with the FTC, Food and Drug Administration (FDA) and other disclosure requirements must ensure that all social media messages meet strict specifications. What is considered acceptable practice depends on specific regulations and how they deal with certain aspects of social media usage. For instance, how long can a post remain on an account before it's considered an endorsement? The FTC's guidance is less prescriptive and more about overall intent, leaving it up to them to judge on a more case-by-case basis. The FDA, on the other hand, has provided little guidance specific to social media, often leaving its corporate constituents wary of pursuing an aggressive social media strategy. Any organization that is planning a push into the realm of Twitter, LinkedIn and the like should become familiar with the specific social media regulations and compliance challenges that pertain to its company and industry.

GOVERNANCE AND OVERSIGHT
Employees across organizations are leveraging social media to deepen customer relationships, improve team collaboration and strengthen lead-generation efforts. In fact, Forrester has found that career-driven information workers are almost twice as likely as the rest of the workforce to use social media for business purposes. Considering these statistics, firms are increasingly allowing employees to use social media for business purposes, but regulators in some industries, such as FINRA and FFIEC, now want to see that organizations develop proper internal procedures and controls to ensure they manage associated risks effectively.
INFORMATION ARCHIVING AND RETENTION
Social media also presents new challenges for organizations that are required to retain records of all business communications. Namely, social content doesn't remain static; content creators can edit or delete posts after they are published, and other posters can comment and add to the discussion as well. Further complicating matters is determining what content is considered "business" communication and when that content should be captured and archived. Forrester recommends determining the appropriate context of business communications first, and then deciding which devices and applications employees are permitted to use and under what circumstances.

The reality for most organizations is that social media is not receding. In fact, it continues to grow and evolve at an alarming rate. Consumers increasingly discover and communicate with businesses via social media channels, and just as importantly, workers across many organizations enjoy increased productivity thanks to the likes of Twitter and LinkedIn. Instead of cowering from social media due to compliance fears, enterprises should take the same precautions they've always needed to in the past by focusing on all applicable regulations and putting the right governance processes in place to comply with them. Organizations that are thinking about and acting on such issues now can begin reaping the business benefits today and avoid exposing the company to unnecessary risk later.


No comments:

Post a Comment