IRMI Update
Risk Management & Insurance
Commentary, Tips, and Tactics
February 3, 2010 | Issue 221 | ISSN: 1530-7948
In This Issue
Colleague,
Social media has been all the rage in recent years, with everyone from high-paid
CEOs to great-grandmas getting into the act. As with any activity or trend,
the opportunities that come with social media are accompanied by downside risks.
Here are just a few:
- Disclosure of sensitive business plans or other intellectual property
- Damage to brand reputation
- Defamation or libel of others, including employees
This is an emerging area of risk for most organizations, and existing risk
management and insurance programs may not properly address it. If you have not
taken the time to thoroughly identify and address your organization's (or your
clients') exposures to risk from social media, it is time to do so.
One of the first, and perhaps, most effective risk control activities to
consider is to develop a corporate policy to provide guidance to employees on
what they may and (and may not) post about the organization on their personal
pages or on social media discussion pages (see the Risk
Tip below for more on this topic).
What do you believe to be the biggest risks from social media? How should
organizations manage these risks? What are the key elements of a good corporate
policy? Please share your
ideas with readers.
Because cyber risks have become so pervasive and potentially catastrophic,
IRMI is focusing its first series of webinars for 2010 on cyber risk management
and insurance. One-hour webinars will address contractual risk transfer issues,
ways to tailor cyber coverage to exposures, what to do when a business has a
data breach, and much more. Watch for more about Tech-eRisk 2010 on IRMI.com.
All the best,
Jack
Jack P. Gibson, CPCU, CRIS, ARM
President
International Risk Management Institute, Inc.
Risk Tip
Develop a Social-Media Policy for Employees
The "Web 2.0" world of Facebook, LinkedIn, and other networking sites; wikis;
blogs; discussion groups; podcasts; "viral" marketing, etc.—is expanding exponentially.
If your company or clients are not already engaged in it, the employees are.
There are opportunities and rewards in social media for individuals and organizations,
but there also are risks. A formal social media policy can help manage those
risks.
If you intend to encourage or require employees to blog or otherwise use
social media on behalf of the organization, you need a comprehensive strategy
with specific responsibilities, training, and supervision. Also, you likely
need a media liability insurance policy or other specialized coverage. The remainder
of these suggestions pertains to what employees do on their own time.
-
State that your social media policy is concurrent with your Internet
usage policy and any policies concerning privacy, nondisclosure, noncompetition,
ethics, etc. Your Internet policy probably confirms that you can monitor
any messages sent or received within your organization's own communication
systems. Make the same point with respect to using your systems for social
media access.
-
Have employees acknowledge that they have read and understand your policy
and agree to it as a condition of employment. Remind employees that you
are an "at-will" employer (unless you have employment contracts or bargaining
agreements that limit termination options). Employment "at will" means you
can terminate employment at any time, for any reason that is not discriminatory.
-
Tell employees that, if they publish anything about your organization,
they must note that they are employed there, and that their views are entirely
their own. No logos or corporate trademarks may be displayed because doing
so creates the impression that the employee is speaking for the organization.
-
Emphasize the risks of online publishing, including the risk of disclosing
confidential information. Information that hasn't been released by the organization
itself shouldn't be released by any employee. If in doubt, employees should
check with their supervisors or other designated person.
-
Employees are liable for what they publish. They can be sued for libel,
plagiarism, copyright infringement, invasion of privacy, and other offenses.
Tell them that if they publish words or images that are embarrassing or
harmful to your organization, they will be disciplined. (However, be aware
that federal and state laws afford some privacy in communications that take
place in social media outside the workplace.) Employees always should be
respectful in what they say about the organization, other employees, customers,
competitors, and everyone else. Each employee should check information that
others post on his or her blog, social networking site, etc., and delete
anything inappropriate.
-
Tell employees not to disclose anything that would allow personal information
to be compromised. A name and birth date can be enough for identity thieves
with Web crawling applications to triangulate their way to sensitive personal
information. Beware of "phishing" e-mails and malicious software. Review
privacy settings on your social-networking site to minimize the risk of
this kind of invasion.
-
Point out the importance of checking facts before publishing, attributing
information properly, and making sure that opinion is presented as opinion
and not as fact. Online publishers should indicate how they can be contacted.
While some bloggers publish anonymously, doing so can make it easier to
prove malice in defamation or invasion-of-privacy cases.
By William Henry, Vice President
The CIMA Companies,
Inc.
Woodbridge, VA
GET PUBLISHED IN IRMI
UPDATE: Send us a practical tip (less than 300 words) for identifying
and managing risks, buying insurance, managing claims, or filling gaps in insurance
coverages. We'll acknowledge your contribution as we did for Jim.
Submit an IRMI Update risk
tip.
What's New in Your IRMI
Library
Understand and Negotiate Collateral Requirements
Tight credit markets and overall economic conditions continue to present
challenges in meeting insurers' collateral requirements (e.g., letters of credit)
associated with workers comp and liability risk finance plans. Although not
a brand new discussion, "Reducing Collateral Uncertainty" in Risk Financing
(see IRMI Online or
SilverPlume/ReferenceConnect) is still up to date and presents a timely
discussion of why insurers require collateral how the amount to require is calculated.
It presents negotiating points to use when putting casualty programs together.
If you subscribe to Risk Financing, bone up on this important topic before your
next renewal (see IRMI Online
or
Sage/ReferenceConnect).
For summaries of other new and updated information in your IRMI library,
go to What's New on IRMI Online
or
What's New in SilverPlume.
Recent Articles on IRMI.com
New Expert Commentary
There are over 1,001+ risk management and insurance articles on IRMI.com.
Below you'll find summaries of some recent additions with links to the articles.
IRMI Featured Publication
Additional Insured Solutions
The Additional Insured Book examines
approaches, problems, and caselaw associated with additional insured endorsements
for property and liability insurance. You'll get suggestions for modifying coverage
to correspond with contractual risk transfers and a better understanding of
the troublesome areas of manuscript or insurer-drafted additional insured endorsements.
The best-selling book has been cited by courts when interpreting coverage and
is relied on by risk, legal, claims, and underwriting professionals to determine
how the endorsements apply to specific situations.
See the table of contents and order today.