Skip Navigation Links.

IRMI Update

Risk Management & Insurance Commentary, Tips, and Tactics
February 3, 2010 | Issue 221 | ISSN: 1530-7948

In This Issue

Colleague,

Social media has been all the rage in recent years, with everyone from high-paid CEOs to great-grandmas getting into the act. As with any activity or trend, the opportunities that come with social media are accompanied by downside risks. Here are just a few:

  • Disclosure of sensitive business plans or other intellectual property
  • Damage to brand reputation
  • Defamation or libel of others, including employees

This is an emerging area of risk for most organizations, and existing risk management and insurance programs may not properly address it. If you have not taken the time to thoroughly identify and address your organization's (or your clients') exposures to risk from social media, it is time to do so.

One of the first, and perhaps, most effective risk control activities to consider is to develop a corporate policy to provide guidance to employees on what they may and (and may not) post about the organization on their personal pages or on social media discussion pages (see the Risk Tip below for more on this topic).

What do you believe to be the biggest risks from social media? How should organizations manage these risks? What are the key elements of a good corporate policy? Please share your ideas with readers.

Because cyber risks have become so pervasive and potentially catastrophic, IRMI is focusing its first series of webinars for 2010 on cyber risk management and insurance. One-hour webinars will address contractual risk transfer issues, ways to tailor cyber coverage to exposures, what to do when a business has a data breach, and much more. Watch for more about Tech-eRisk 2010 on IRMI.com.

All the best,

Jack

Jack P. Gibson, CPCU, CRIS, ARM
President
International Risk Management Institute, Inc.

Risk Tip

Develop a Social-Media Policy for Employees

The "Web 2.0" world of Facebook, LinkedIn, and other networking sites; wikis; blogs; discussion groups; podcasts; "viral" marketing, etc.—is expanding exponentially. If your company or clients are not already engaged in it, the employees are. There are opportunities and rewards in social media for individuals and organizations, but there also are risks. A formal social media policy can help manage those risks.

If you intend to encourage or require employees to blog or otherwise use social media on behalf of the organization, you need a comprehensive strategy with specific responsibilities, training, and supervision. Also, you likely need a media liability insurance policy or other specialized coverage. The remainder of these suggestions pertains to what employees do on their own time.

  • State that your social media policy is concurrent with your Internet usage policy and any policies concerning privacy, nondisclosure, noncompetition, ethics, etc. Your Internet policy probably confirms that you can monitor any messages sent or received within your organization's own communication systems. Make the same point with respect to using your systems for social media access.

  • Have employees acknowledge that they have read and understand your policy and agree to it as a condition of employment. Remind employees that you are an "at-will" employer (unless you have employment contracts or bargaining agreements that limit termination options). Employment "at will" means you can terminate employment at any time, for any reason that is not discriminatory.

  • Tell employees that, if they publish anything about your organization, they must note that they are employed there, and that their views are entirely their own. No logos or corporate trademarks may be displayed because doing so creates the impression that the employee is speaking for the organization.

  • Emphasize the risks of online publishing, including the risk of disclosing confidential information. Information that hasn't been released by the organization itself shouldn't be released by any employee. If in doubt, employees should check with their supervisors or other designated person.

  • Employees are liable for what they publish. They can be sued for libel, plagiarism, copyright infringement, invasion of privacy, and other offenses. Tell them that if they publish words or images that are embarrassing or harmful to your organization, they will be disciplined. (However, be aware that federal and state laws afford some privacy in communications that take place in social media outside the workplace.) Employees always should be respectful in what they say about the organization, other employees, customers, competitors, and everyone else. Each employee should check information that others post on his or her blog, social networking site, etc., and delete anything inappropriate.

  • Tell employees not to disclose anything that would allow personal information to be compromised. A name and birth date can be enough for identity thieves with Web crawling applications to triangulate their way to sensitive personal information. Beware of "phishing" e-mails and malicious software. Review privacy settings on your social-networking site to minimize the risk of this kind of invasion.

  • Point out the importance of checking facts before publishing, attributing information properly, and making sure that opinion is presented as opinion and not as fact. Online publishers should indicate how they can be contacted. While some bloggers publish anonymously, doing so can make it easier to prove malice in defamation or invasion-of-privacy cases.

By William Henry, Vice President
The CIMA Companies, Inc.
Woodbridge, VA

GET PUBLISHED IN IRMI UPDATE: Send us a practical tip (less than 300 words) for identifying and managing risks, buying insurance, managing claims, or filling gaps in insurance coverages. We'll acknowledge your contribution as we did for Jim. Submit an IRMI Update risk tip.

What's New in Your IRMI Library

Understand and Negotiate Collateral Requirements

Tight credit markets and overall economic conditions continue to present challenges in meeting insurers' collateral requirements (e.g., letters of credit) associated with workers comp and liability risk finance plans. Although not a brand new discussion, "Reducing Collateral Uncertainty" in Risk Financing (see IRMI Online or SilverPlume/ReferenceConnect) is still up to date and presents a timely discussion of why insurers require collateral how the amount to require is calculated. It presents negotiating points to use when putting casualty programs together. If you subscribe to Risk Financing, bone up on this important topic before your next renewal (see IRMI Online or Sage/ReferenceConnect).

For summaries of other new and updated information in your IRMI library, go to What's New on IRMI Online or What's New in SilverPlume.

Recent Articles on IRMI.com

New Expert Commentary

There are over 1,001+ risk management and insurance articles on IRMI.com. Below you'll find summaries of some recent additions with links to the articles.

IRMI Featured Publication

Additional Insured Solutions

The Additional Insured Book examines approaches, problems, and caselaw associated with additional insured endorsements for property and liability insurance. You'll get suggestions for modifying coverage to correspond with contractual risk transfers and a better understanding of the troublesome areas of manuscript or insurer-drafted additional insured endorsements. The best-selling book has been cited by courts when interpreting coverage and is relied on by risk, legal, claims, and underwriting professionals to determine how the endorsements apply to specific situations. See the table of contents and order today.
Advertisements
    
 
© 2000-2012 International Risk Management Institute, Inc. (IRMI). All rights reserved.