20110310 ARMA Northern CO Strategies and Policies for Social Media


Published on

This presentation delivered on March 10, 2011 described how to develop a social media policy, the elements and policy statements to include in a comprehensive policy, and other considerations for managing social media.

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Here’s a very succinct Twitter policy from a blog by an HR-focused law firm, GruntledEmployees.com. “Our Twitter policy: Be professional, kind, discreet, authentic. Represent us well. Remember that you can’t control it once you hit “update.””Pretty good, right? Now, you could argue that this policy is missing a lot of the stuff I just mentioned. But I don’t know that I agree – authentic, professional, discreet, represent us well – that’s pretty close. And regardless of what you think might be missing, I’d argue that if your employees follow this policy, you won’t have many issues with them. And note that this policy is itself Tweetable. [twitter] Policy 2.0 – in 140 characters, courtesy of gruntledemployees.com. http://is.gd/8BpjT[/twitter]
  • Official vs. unofficial includes: Disclaimers (this is or is not official; disclaimer of responsibility if it isn’t)Whether approval is required to create an account (official only)
  • The first step many organizations take to manage Web 2.0 is to try to block them. This is unrealistic for a number of reasons.
  • The first step is to determine whether or not something is in fact a record. Just as we know that most email messages are not records, for most organizations their Facebook fan page updates will not be records either. In other words, we have to ask the same questions about these tools that we’d ask about any other type of information:Does it document a transaction or a decision? If it does, it’s probably a record. Is it captured in another form? This is the biggest reason why most social networking sites like Facebook and Twitter wouldn’t need to be captured as records – in most cases they are being used as another transmission mechanism for information stored elsewhere. Now, just because it isn’t a record doesn’t mean it couldn’t be discoverable or a public record and subject to FOIA-type laws. Again, same considerations here as for other types of information. [twitter]Determine whether something is a record or not according to its content and context.[/twitter]
  • The next step is to determine exactly what is the record and must therefore be retained. Again, this will likely vary not just by content, but also by the nature of the tool. An individual social network status update or Tweet could rise to the level of a record, though I suspect this will be uncommon; in the case of a protracted discussion on someone’s wall or via Twitter, it might be the entire stream of updates on a particular topic or over a given period. This is analogous to determining when an instant message is a record. Many of these tools don’t really have metadata in the traditional sense. Twitter, for example, has the following public metadata: SenderMentions (the @ or DM it is addressed to, and could be more than one)A unique Twitter IDAn in-response-to Twitter ID if it uses the Twitter Reply capabilityA ReTweet ID if it was ReTweetedDate and time sentThe client used to send the update, if knownAny hashtags could be considered metadataBut note what there isn’t: No subject line or topic, no mechanism for filing it, no keywords (except maybe the hashtag). Other systems may offer more or less metadata but it is difficult to access some of that, even if it is retained by the system or commercial provider. The key is to have a records policy that is broad enough to encompass all of these tools and that stresses the content and context of information rather than its format. And as we noted earlier, just because it exists does not make it a record per se.[twitter] The next step is to determine exactly what is the record and must therefore be retained. [/twitter]
  • Finally, there are enterprise versions of every Web 2.0 application. These enterprise versions are often available to be hosted inside the firewall, meaning that security is much more robust. Access can be secured to them much more effectively. They can be integrated into the organization’s identity infrastructure – whether Active Directory or something else – such that any change, post, comment, edit, update, etc. can all be tracked and, more importantly, tracked to a specific named user. No anonymous postings here. Of course, you have to pay for an enterprise version, but what you’re really paying for is a level of peace of mind. And you still get many of the same benefits – ease of use, familiarity with the type of tool, rapid and agile collaboration across geographical and time boundaries, etc. You’re just getting a more secure and robust version of it. [twitter]Consider implementing enterprise versions. FB is FB, but internal tools might be more appropriate.[/twitter]
  • At this point I’d be pleased to entertain your questions.
  • 20110310 ARMA Northern CO Strategies and Policies for Social Media

    1. 1. Strategies and Policiesfor Social Media<br />Jesse Wilkins, CRM<br />AIIM International<br />March 10, 2011<br />
    2. 2. About AIIM<br />International - Members in 146 countries<br />Independent - Unbiased and vendor neutral<br />Implementation Focused - Processes, not just technology <br />Industry Intermediary - users, suppliers, consultants, analysts, and the channel<br />http://www.aiim.org <br />
    3. 3. Jesse Wilkins, CRM<br />Director, Systems of Engagement, AIIM<br />Background in electronic records management, email management, ECM, and social technologies<br />Director, ARMA International Board of <br /> Directors (2007-2010)<br />Frequent industry speaker and author<br />AIIM ERM and E2.0 Expert Blogger<br />Instructor for AIIM Certificate Programs<br />3<br />
    4. 4. It’s just a fad….<br /> By the end of 2013, half of all companies will have been asked to produce material from social media websites for e-discovery. <br /> Source: “Social Media Governance: An Ounce of Prevention”, Gartner <br />
    5. 5. Agenda<br />Introduction<br />Policy development framework<br />Structural elements of a comprehensive social media policy<br />Social media policy statements<br />Strategies for managing social media<br />
    6. 6. Introduction<br />
    7. 7. Why a policy?<br />Ensures that employees know what is expected of them<br />Provides guidelines for being more effective<br />Reduces risk of someone posting inappropriate content<br />Addresses legal and operational concerns<br />
    8. 8. About the social media policy<br />Social content is just another form of content<br />Policy should provide a framework applicable to most or all social media tools – and to other content/communication-related technologies as well<br />DON’T write e.g. a Facebook policy, a Twitter policy, etc.<br />
    9. 9. Best Buy Social Media Policy<br />Be smart.<br />Be respectful.<br />Be human.<br />http://www.bby.com/2010/01/20/best-buy-social-media-guidelines/<br />
    10. 10. Zappos Twitter Policy<br />Be real and use your best judgement. <br />
    11. 11. Policy 2.0 – in 140 characters<br />Our Twitter policy: Be professional, kind, discreet, authentic. Represent us well. Remember that you can’t control it once you hit “update.”<br />
    12. 12. Policy development framework<br />
    13. 13. The policy framework<br />Approach to developing and implementing a policy<br />Ensures that policy development is consistent with organizational goals<br />Ensures that policy meets legal, regulatory, and operational requirements<br />
    14. 14. 1. Get management support<br />Policy development requires time and energy from users and stakeholders<br />So does policy implementation<br />Ongoing compliance will require auditing and communication<br />
    15. 15. 2. Identify stakeholders<br />Policy should address the entire enterprise<br />Stakeholders should include:<br />Business unit managers<br />Legal<br />External customers and partners<br />
    16. 16. 3. Put a team together<br />Internal social media experts<br />Internal champions and evangelists<br />Expert users from key areas of the organization<br />Records/legal/compliance<br />IT<br />
    17. 17. 4. Identify the goals of the policy<br />What changes are being introduced? <br />Social business technologies<br />Related processes<br />What are the desired outcomes?<br />What behavioral changes should result?<br />
    18. 18. 5. Conduct the research<br />Legal research<br />Organizational research<br />Public research<br />Standards and guidelines<br />Benchmarking<br />Consult with similarorganizations<br />Analyze the results<br />
    19. 19. 6. Draft the policy<br />Collaborative and iterative process<br />There are a number of public examples of social media policies<br />These are starting points and need to be customized for your requirements<br />Keep it as simple as possible<br />
    20. 20. 7. Review the policy<br />Review by legal, HR, users<br />Ensures it is valid<br />Ensures it will work within existing organizational culture<br />Change management <br />
    21. 21. 8. Approve the policy<br />Policy is reviewed by business managers, senior management<br />Complete revisions as necessary<br />Approve the policy<br />
    22. 22. 9. Implement the policy<br />Communication<br />Training<br />Auditing<br />Enforcement!<br />
    23. 23. 10. Once the policy is live<br />Monitor for compliance with policy<br />Solicit feedback about policy<br />Provide refresher training as required<br />Plan for periodic review and maintenance<br />Changes to regulatory or operational requirements<br />Changes to social technologies<br />New social technologies<br />
    24. 24. Structural elements of a social media policy<br />
    25. 25. Policy elements<br />Purpose<br />Scope <br />Responsibilities<br />Definitions<br />Policy statements<br />References<br />
    26. 26. Purpose and scope<br />This policy has three purposes:<br />Establish definitions relevant to social business technologies<br />Describe usage policies relating to social business technologies<br />Describe security and technology policies relating to social business technologies<br />Scope: This policy is applicable to the entire enterprise. <br />
    27. 27. Responsibilities<br />Responsibilities for policy development and maintenance<br />Responsibilities for policy administration<br />Responsibilities for compliance with policy<br />
    28. 28. Definitions<br />Uncommon terms<br />Common terms used in an uncommon fashion<br />Acronyms and abbreviations<br />
    29. 29. Policy statements<br />Many different elements available<br />Detailed in the next section<br />
    30. 30. References<br />List any references used to develop the policy<br />Internal strategic documents<br />Records program governance instruments<br />Statutes and regulations<br />Publications <br />Examples and templates<br />
    31. 31. Social media policy statements<br />
    32. 32. Official vs. unofficial<br />Link to social media policy<br />
    33. 33. Creation of official accounts<br />
    34. 34. Look & feel guidelines<br />Account details<br />Handle<br />Picture – including corporate logo usage<br />Bio<br />Contact information<br />Friends/buddies/contacts<br />Groups/fans/likes<br />
    35. 35. Content guidelines<br />Whether posts will require approval<br />Pictures and video<br />By the organization<br />By third parties, e.g. the public<br />Links (i.e. “sharing”)<br />Applications and widgets<br />Likes, retweets, etc. <br />
    36. 36. Whether the account is monitored for actionable content (screenshot)<br />Public records<br />
    37. 37. Personal access and usage<br />Access to personal accounts using organizational resources (time, computers, network, etc.)<br />Access to sites using personal devices (iPhone, tablet, etc.)<br />
    38. 38. Inappropriate usage<br />Offensive content<br />Disparagement of the organization – or of competitors or others<br />Slander or libel<br />Sexual content<br />Solicitations of commerce<br />Threats<br />Illegal activity<br />Violation of copyright<br />
    39. 39. Sensitive materials<br />Personnel-related information<br />Financial information<br />Confidential information<br />Health information<br />If you wouldn’t post it to your website or send via email, don’t post to FB or send via Twitter. <br />
    40. 40. Monitoring and reviewing comments<br />
    41. 41. Official response to third-party sites<br />Response to comments<br />
    42. 42. Governmental considerations<br />Links to primary site (“content of record”)<br />Whether comments are allowed<br />And monitored<br />Public records act<br />Public safety and monitoring issues<br />
    43. 43. Strategies for managing social media<br />
    44. 44. Prohibition is not realistic<br />
    45. 45. Address in policies<br />
    46. 46. Is it a record?<br />Is the information unique and not available anywhere else?<br />Does it contain evidence of an agency’s policies, business, mission, etc.?<br />Is the tool being used in relation to an agency’s work?<br />Is there a business need for the information?<br />Does it document a transaction or decision?<br />
    47. 47. What is the record?<br />Individual social network status updates or Tweets?<br />Comments and responses to comments?<br />The entire stream over a given period?<br />Embedded URLs?<br />Policy and consistency are key<br />
    48. 48. Take a snapshot of record content<br />
    49. 49. Archive entire stream locally<br />
    50. 50. Records management in brief<br />Archive selected items locally<br />Use search queries and monitoring<br />Store selected items locally using search queries or RSS<br />
    51. 51. Use the native backup to store locally<br />Store locally using built-in tools<br />
    52. 52. Use a third-party service to store locally<br />Store locally using third-party service<br />
    53. 53. Store locally using API<br />Store locally using APIs<br />
    54. 54. Draft content locally<br />Use e.g. Word or Notepad to draft content updates and save *that* as a record<br />
    55. 55. Implement enterprise versions<br />
    56. 56. Implement a compliance solution<br /><ul><li> And many others</li></li></ul><li>Questions?<br />
    57. 57. For more information<br />Jesse Wilkins, CRM, CDIA+<br />Director, Systems of Engagement<br />AIIM International<br /> +1 (303) 574-0749 direct<br /> jwilkins@aiim.org <br /> http://www.twitter.com/jessewilkins<br /> http://www.linkedin.com/in/jessewilkins<br /> http://www.facebook.com/jessewilkins<br /> http://www.slideshare.net/jessewilkins<br />
    58. 58. Additional Resources<br />“How Federal Agencies Can Effectively Manage Records Created Using New Social Media Tools”, Patricia Franks, Ph.D., IBM Center for The Business of Government, 2010<br />Guideline for Outsourcing Records Storage to the Cloud, ARMA International, 2010<br />“Electronic Records Management: Blogs, Wikis, Facebook, Twitter, & Managing Public Records”, Washington State Archives, September 2009<br />
    59. 59. Additional Resources<br />“Managing Social Media Records”, U.S. Department of Energy, September 2010<br />http://cio.energy.gov/documents/Social_Media_Records_and_You_v2_JD.pdf<br />“Guidance on Social Networking”, Arizona State Library, Archives, and Public Records, June 2010<br />http://www.lib.az.us/records/documents/pdf/Social_Networking.pdf<br />
    60. 60. Additional Resources<br />NARA Bulletin 2011-02, “Guidance on Managing Records in Web 2.0/Social Media Platforms”, October 2010<br />http://www.archives.gov/records-mgmt/bulletins/2011/2011-02.html<br />“A Report on Federal Web 2.0 Use and Value”, National Archives and Records Administration, 2010<br />http://www.archives.gov/records-mgmt/resources/web2.0-use.pdf<br />
    61. 61. Colorado State University Social Media Resources<br />http://socialmedia.colostate.edu/<br />Division of Emergency Management Draft SM Policy<br />http://www.coemergency.com/2010/02/dem-draft-social-media-guide.html<br />UNC Social Media Best Practices<br />http://www.unco.edu/websupport/social/index.html<br />
    62. 62. City of Longmont Social Media Guidelines<br />http://www.ci.longmont.co.us/news/social_media/documents/socialmediaguidelines.pdf<br />Eric Schwartzman’s Social media policy template<br />http://ericschwartzman.com/pr/schwartzman/social-media-policy-template.aspx<br />PDF: http://ericschwartzman.com/pr/schwartzman/document/Social-Media-Policy.pdf<br />
    63. 63. Additional resources<br />Compliance Building Social Media Policies Database<br />http://www.compliancebuilding.com/about/publications/social-media-policies/<br />57 Social Media Policy Examples and Resources<br />http://www.socialmediatoday.com/davefleet/151761/57-social-media-policy-examples-and-resources<br />Web 2.0 Governance Policies and Best Practices<br />http://govsocmed.pbworks.com/w/page/15060450/Web-2-0-Governance-Policies-and-Best-Practices<br />
    64. 64. Social Media Governance policy database<br />http://socialmediagovernance.com/policies.php<br />“Analysis of Social Media Policies: Lessons and Best Practices”, Chris Boudreaux, December 2009<br />http://socialmediagovernance.com<br />