Managing Risk in the Digital Era: Checklist Guidance for HR Professionals
-
Upload
the-denovati-group -
Category
Recruiting & HR
-
view
2.332 -
download
1
Transcript of Managing Risk in the Digital Era: Checklist Guidance for HR Professionals
Copyright © 2014, Courtney Shelton Hunt - all rights reserved2
About the SpeakerCourtney Shelton Hunt, PhDCourtney is the Founder and Principal of The Denovati Group and an international consultant, speaker, teacher, and writer. Her background in business development, communications, human capital management, information technology, and academia, combined with her business acumen, enables her to provide a unique holistic perspective and strategic leadership to organizations.
The Denovati Group enhances the success of individuals and organizations in the Digital Era through thought leadership and guidance, research, consulting and training services, and by facilitating a professional community that fosters the sharing of information and best practices. These objectives are accomplished primarily through:• SMART Resources (including the SMART Blog)• Denovati Solutions• SMART Courses
2
Copyright © 2014, Courtney Shelton Hunt - all rights reserved3
From the ProgramWorkplace Application: This session will help you manage Digital Era risks over the long term beyond simply creating and implementing a social media policy.
Summary: You need to be prepared to manage the risks associated with operating in the Digital Era regardless of whether social media and other digital technologies are part of your organization’s strategic agenda. It is critical that you ensure your policies reflect Digital Era realities and that employees and managers understand not just the “new” rules, but also how “old” rules apply. Balancing legal, business, and relationship perspectives, this session provides an overview of general legal considerations and offers specific guidance to evaluate and update your policies, communicate changes and provide necessary training.
Disclaimer: I am not an attorney
MANAGING RISK IN THE DIGITAL ERA
No One is Exempt Every organization needs to think about and be
prepared to manage the risks associated with operating in the Digital Era
It doesn’t matter:– Whether social media is part of the organization’s strategic
agenda
– If the organization itself has any deliberate digital presence
– How large the organization is, whether it’s for-profit, BtoB or BtoC, or which industry or sector it operates in
– How the organization’s leaders feel about social media and other digital tools
Copyright © 2014, Courtney Shelton Hunt - all rights reserved6
Copyright © 2014, Courtney Shelton Hunt - all rights reserved7
Current Realities
But…– There is no simple solution or
“one size fits all” approach– A “fix-it-and-forget-it” strategy is
one few organizations can afford
Managing Digital Era risks is part of the cost of doing business, and managing them well can be a competitive differentiator, in both the economic marketplace and the war for talent
Copyright © 2014, Courtney Shelton Hunt - all rights reserved8
Current Best Practices Include… Recognizing that policies and guidelines
have to be customized to match the culture and operating characteristics of the organization
Involving representatives from multiple functional areas to develop those policies and guidelines
Providing interactive training for employees to ensure they understand their rights and responsibilities
Reviewing policies and guidelines at least annually to ensure they’re current
Copyright © 2014, Courtney Shelton Hunt - all rights reserved9
However, … Most organizations – even those that are highly
engaged with social media and other digital technologies – are not addressing Digital Era risks as comprehensively or deeply as they could or should
They are effectively “uninsured” or “underinsured”
Copyright © 2014, Courtney Shelton Hunt - all rights reserved10
Social media is “just” a communications toollike
A nuclear power plant is “just” a way to turn on the lights
The “Obvious” Risk: Social Media
Copyright © 2014, Courtney Shelton Hunt - all rights reserved11
Social Media Policies:Necessary but not Sufficient
An organization’s employment policies reflect Digital Era realities
Both employees and managers understand not just the “new” rules, but also how “old” rules apply in the new era
External stakeholder engagement is well managed
Drafting and implementing a social media policy should be considered part of a larger effort to ensure that
Copyright © 2014, Courtney Shelton Hunt - all rights reserved13
What’s Your Strategy? Determine your overall strategic approach to
leveraging digital technology for both internal and external purposes– Email and the internet– Social media– Mobile devices (phones and tablets)
This strategy lays a foundation for understanding the necessary changes to existing policies, guidelines, and agreements
Copyright © 2014, Courtney Shelton Hunt - all rights reserved14
Covering the Basics I Develop a social media policy for
all employees Review/revise all operational and
employment policies to reflect Digital Era technologies (both hardware and software) and realities
Some experts suggest that employers separate their digital media policies from other employment policies
Copyright © 2014, Courtney Shelton Hunt - all rights reserved15
Covering the Basics II Update your organization’s Code of Conduct
and/or Ethical Guidelines Craft social media guidelines for employees
who interact with outsiders and/or represent the organization via social media channels
Copyright © 2014, Courtney Shelton Hunt - all rights reserved16
Commercial Law Considerations Regulations regarding– The protection of trade secrets– Proprietary and confidential information
Copyright, trademark and intellectual property protections
Laws of agency
Regulatory Requirements Security and Exchange Commission
(SEC) regulations Financial Industry Regulatory
Authority (FINRA) guidance on social networking websites and business communications
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules
Federal Trade Commission (FTC) rules regarding identity and affiliation disclosures, disclaimers, and endorsements
Copyright © 2014, Courtney Shelton Hunt - all rights reserved17
Labor & Employment Law
Non-solicitation and non-compete laws
Distracted driving rules Anti-discrimination laws Anti-harassment laws Defamation laws Fair Labor Standards Act
(FLSA)Copyright © 2014, Courtney Shelton Hunt - all rights reserved18
Copyright © 2014, Courtney Shelton Hunt - all rights reserved20
Policies vs. Guidelines Policies– Well-defined rules about what individuals can and
cannot do, many of which can be linked to federal or state laws
– Generally apply to ALL employees, regardless of whether they interact with the public using social media as part of their job responsibilities
Guidelines– Expectations for behavior that may not be as easy to
define or enforce– Generally created to guide the behavior of employees
who interact with outsiders using social media as part of their job responsibilities
Copyright © 2014, Courtney Shelton Hunt - all rights reserved21
Policy & Guideline Examples IBM– Respect copyright, fair use and financial disclosure
laws (P)– Don't provide IBM's or a client's, partner's or
supplier's confidential or other proprietary information (P)
– Be the first to correct your own mistakes (G) Dell– Be transparent and disclose (P)– Be nice, have fun and connect (G)
Copyright © 2014, Courtney Shelton Hunt - all rights reserved22
Policy & Guideline Examples Walmart– Do not say you speak for the Company without
express written authorization from the Company to do so (P)
– Stay on topic (G) Nordstrom– Do not post any merchandise pricing information
or comparisons (P)– Be a good listener (G)
Copyright © 2014, Courtney Shelton Hunt - all rights reserved23
Policy & Guideline Examples Vanderbilt University– [Staff may not use] Vanderbilt-owned data or work
product for personal gain (P)– Separate personal from professional (G)
Mayo Clinic– You must maintain patient privacy (P)– Ensure that your social media activity does not
interfere with your work commitments (G)
Copyright © 2014, Courtney Shelton Hunt - all rights reserved24
Other Legal Considerations Update legal documents to reflect
Digital Era technologies and realities– Employment agreements (e.g., non-
compete agreements)
– Other legal documents (e.g., non-disclosure agreements)
Address “ownership questions”– Related to social media accounts,
content, and digital networks
– Particularly with key agents (e.g., officers, development professionals, marketing and sales folks)
Mama and Papa Snay won the case
against Gulliver. Gulliver is now
officially paying for my vacation to
Europe this summer. SUCK IT.
Copyright © 2014, Courtney Shelton Hunt - all rights reserved25
Don’t Forget To… Determine a fair and consistent
(and realistic) approach to monitoring, enforcement, and discipline
Create and/or update user agreements and guidelines for the intranet and other internal systems – especially those that include 2.0 features and functions
Copyright © 2014, Courtney Shelton Hunt - all rights reserved26
Remember Outsiders Too
Incorporate social media and digital technologies into your general crisis management plans and develop a specific crisis management plan for your digital properties
Create posting guidelines and moderation rules for outsiders who may engage with your organization via one of its social media channels
Copyright © 2014, Courtney Shelton Hunt - all rights reserved28
Guiding Principles Be proactive in managing Digital Era risks rather
than waiting for a threat or crisis to force you to reactively develop and implement a hasty solution
Thoughtfulness and thoroughness are important, but time is also of the essence
Proceed with “mindful flexibility,” which requires– Being both strategic and goal focused, as well as
adaptable– Emphasizing procedural efficiency as well as
effectiveness
Copyright © 2014, Courtney Shelton Hunt - all rights reserved29
Process Steps Create a policy team Develop a project plan and
guidelines Review, refine, and create
policies, guidelines, legal agreements, etc.
Provide training and ongoing communication
Lather, rinse, repeat
Copyright © 2014, Courtney Shelton Hunt - all rights reserved30
Create a Policy Team I
Involve multiple stakeholders from relevant functional areas:– Externally-oriented groups: marketing, sales,
public relations, customer service– Internally-oriented groups: human resources,
knowledge management, IT, organizational development, learning & development
– Both: in-house counsel
Copyright © 2014, Courtney Shelton Hunt - all rights reserved31
Create a Policy Team II
Employ outside experts who can provide sophisticated guidance from various perspectives:– Social media and other digital
technologies– Federal and state laws and issues (and
perhaps global too)– Business development– Human capital management
Copyright © 2014, Courtney Shelton Hunt - all rights reserved32
Project Plan and Guidelines I Set clear deadlines so you don’t get bogged
down by bureaucracy and semantic arguments
Coordinate the policy/guidelines initiative with other social media development and implementation initiatives
Copyright © 2014, Courtney Shelton Hunt - all rights reserved33
Project Plan and Guidelines IIIdentify overarching principles, goals and objectives that will provide a framework for revision efforts and reflect:– Industry and nature of the business– Strategic priorities (both in general and in relation to social
media)– Guiding values (including ethics)– Cultural context and workforce characteristics– A balance between legal and business perspectives– A balance between employer and employee perspectives
Copyright © 2014, Courtney Shelton Hunt - all rights reserved34
Policies, etc. I Identify the best approach to specifically
addressing the use of social media– Develop something new (i.e., a single, multi-
faceted policy, or multiple policies)– Update existing polic(ies)– Some combination of the two
It’s okay to leverage benchmarked resources to create both policies and guidelines, but ensure they’re properly vetted and customized as needed
Copyright © 2014, Courtney Shelton Hunt - all rights reserved35
Policies, etc. IITry to build as much durability into the policies/guidelines/agreements as possible:– Balance broad, general wording with specificity– Recognize that the digital engagement of both
individuals and the organization are going to increase over time
– Allow for flexibility as new case law and regulations develop
– Prepare for technologies, platforms, and devices that could be used in the future
Copyright © 2014, Courtney Shelton Hunt - all rights reserved36
Training…
Prepare and provide training for– Community managers and other “official” social
media users (including crisis management)– Non-managerial employees– Managerial employees
Think beyond social media to digital media awareness and risk management– Device management and safety– Cybersecurity (hacking, cybertheft)– Phishing, viruses, data protection– Email usage
Copyright © 2014, Courtney Shelton Hunt - all rights reserved37
… and More
Include training focused on digital risk management in new employee orientation and supervisors’ training
Think about opportunities to educate the public too
Communicate the final policy/ies, guidelines, and agreements and establish a method for providing regular reminders using a multimedia, tiered approach
Where necessary, have all employees sign updated agreements
Copyright © 2014, Courtney Shelton Hunt - all rights reserved38
Stay Current Plan for regular
reviews/revisions to policies, guidelines, and agreements to reflect new technologies, legal/regulatory changes, and case law
Offer updated training for employees and supervisors at least once annually
Copyright © 2014, Courtney Shelton Hunt - all rights reserved39
Quick Recap Developing and implementing a social media policy is a
necessary first step, but a single policy alone is not sufficient
Focus on both outcomes (the “what”) and processes (the “how”)
Review and update all policies and procedures to reflect Digital Era risks, as well as employment agreements and other legal documents
Develop and implement appropriate training for both employees and managers
Create and implement an ongoing communication plan Be prepared to review and update everything at least
once a year
Copyright © 2014, Courtney Shelton Hunt - all rights reserved42
The Denovati… Pronunciation guide: day-no-VAH-tee Deconstructing the term:– DE = Digital Era– NOV = short for novani, Latin for colonists, immigrants,
new residents– ATI = those who seek knowledge and/or are in the know
The Denovati areDigital Era explorers, pathfinders and pioneers
who seek to understand and effectively leverage social and digital technologies
Copyright © 2014, Courtney Shelton Hunt - all rights reserved43
Denovati Digital Network
Visit denovati.comto learn more about who we are, what
we do, and what we offer