Law Firm Social Media Policy = Damage Control
With the rampant growth of social media use and speed with which information can go viral, it is getting harder for law firms to protect their obligations toward client confidentiality, their own reputation and even their internal computer systems and staff productivity. Having a Social Media Policy is your best bet for potential damage control.
I work as an Interim Office Manager with lawyers and law firms, and was recently interviewed by Sandra Bekhor, of Bekhor Management http://www.bekhor.ca, on the reasons behind why lawyers should develop a Social Media Policy. A summary follows:
Question 1: What should law firms be thinking about when they adopt a social media policy?
For example, does the policy include both personal and professional aspects since people use social media for both new business development and networking as well as keeping in touch with family and friends?
A: The policy serves mostly the professional aspects by providing guidelines for use to develop new business and market the firm while maintaining client confidentiality and preservation of the firm’s reputation. Including guidelines about personal use of social media helps to prevent comments or pictures being posted concerning clients, the firm or co-workers without permission, or where these posts or activity outside the office may be construed as libelous. Also when personal social media is used excessively during office hours, this could interfere with productivity, or worse, affect the entire computer system adversely.
Case in point: One firm we work with was experiencing a frustrating lag in system speed (bandwidth) in the afternoons. After considerable time and money spent on research by the I.T. team, it was discovered that a handful of employees were using social media to stream music and videos. This activity decreased the bandwidth and slowed down the whole office system. As a result, we had to re-work the policy to clearly define acceptable use without banning all social media since we are totally aware that connecting with others via social media is a common practice in their stressful day to unwind and refresh. In the end, I think people appreciate knowing the boundaries and they accept that some practices can cause serious problems with the computer equipment or may not comply with The Law Society.
Question 2: Can you give examples of other things that should be considered when developing a social media policy?
A: Users need to be respectful, careful of the persona they are putting out there and mindful of the firm’s reputation and image. Protecting client information and confidentiality are very important. For example, meeting someone outside of the office at a public coffee shop, one should be careful to protect what comes up on the computer screen that other people can’t see any potentially confidential information.
Question 3: We hear things in the news about how social media use crosses over from personal to professional.
A: Yes, I think many of us heard about the Hydro One story of the employee wearing a company logo on his clothing who created a bit of a stir with a reporter in a public venue which went viral and reflected badly on Hydro One. They were compelled to dismiss the employee as disciplinary action. I think just having guidelines in a social media policy alone would help companies mitigate damage and protect themselves against this kind of bad press. Without a policy they don’t really have a leg to stand on in court or in terms of serving disciplinary action.
Question 4: So then, beyond legal protection, having a policy would clarify expectations for behaviour in social media use. Is there overlap between social media and other office policies?
A: Yes. A little bit. To incorporate confidentiality and respectful use over all areas, the policy should outline expectations into either one main policy which includes internet, email, remote access and social media use or into completely separate policies for more clarity.
Question 5: How often do you need to update policies and what prompts it?
A: Generally, you should pick a date and review your policies annually. Sometimes however, it depends on individual incidents that arise which might necessitate refining the policy. For example, we had a firm revise their policy only a few months after they first released it because of a complete system shut down due to one individual who opened an attachment on their personal email which contained a virus.
Question 6: Do you need to provide any training to staff on how to use social media?
A: If the policy is written clearly and comprehensively enough, there should be no misunderstanding. We have not yet found any reason to provide training. You should also offer opportunity to discuss further with the appropriate person in management if there are any areas that are not clear. If however, your policy is too vague, you leave a lot of room for error. If it’s too restrictive you might be losing out on some useful professional development, networking, firm promotion and chances are some staff will likely rebel.
Question 7: What is the most important reason for having a social media policy?
A: In my opinion it’s for damage control, to protect the client and firm confidentiality and reputation. Also for protecting the office equipment, productivity, and for law firms, complying with the Law Society guidelines.
Question 8: So having guidelines are generally well accepted – no surprises. And does everyone follow the same policy across the board then?
A: In most cases, but sometimes there are restrictions put on staff versus lawyers. An example would be no video streaming in the office for staff unless you have pre-approval that it is for professional development purposes.
Question 9: I see lots of templates out there. How much customization is necessary in creating a policy?
A: A template is a good place to start, but there should be a team or qualified individuals who discuss and review what fits with the firm culture and meets the Law Society requirements and have those specifics incorporated into the policy.
Question 10: What about enforcement of policy or disciplinary actions?
A: The consequences for breach of policy should be clearly defined in the policy itself so people are aware of what will happen if they don’t follow the policy. It is good practice to have a committee or Managing Partner review any incidents of breach and determine the best course of disciplinary action based on the severity of the breach. It might involve a simple warning, or it might mean dismissal.
Conclusion: Social media is a growing form of networking and communication. When professional use crosses with personal use in law firms, sooner or later someone is bound to slip up, potentially causing either a breach in client confidentiality, a computer system problem or worse, a blow to the law firm’s reputation. Mitigate damage and make the best use of social media by having a knowledgeable consultant help you develop and implement a policy that fits your firm culture.