Have you looked at your corporate communications policy recently? The changing ways we are sending email, browsing the Internet and interacting with social media websites such as Twitter, LinkedIn and Facebook continue to encourage risk hot spots for the organisation to tackle.
A recent survey conducted by the Yorkshire Post has revealed a rising number of workplace disciplinary hearings across Yorkshire. The survey investigated hundreds of staff at local councils, hospitals and schools. In some cases some employees were sacked for misusing the Internet at work. Many got into trouble for using social networking sites and for posting abusive messages while others resigned or their employers dismissed them for viewing pornography.
At a time when the public sector is under increased scrutiny to do well these kinds of disciplinary hearings don't look good for top managers. But private companies are also facing similar problems with staff bringing their corporate reputations into disrepute. Indeed, even top law firms have slipped up in the past - remember Claire Swires at Norton Rose?
So, here's some top points to consider when writing your corporate communications policy.
Reviewing your corporate communications policy
2. State that non-compliance of your communications policy can lead to disciplinary action and/or termination of contract. It must be legally incorporated into the terms and conditions of employment (or contractor/consultant contract) and can be referred to in a staff handbook, IT policy, new joiner’s manual, etc.
3. Bring the policy to the attention of every worker who has access to your systems. Make it clear that workers must never send or store emails or attachments that are obscene, indecent, sexist, racist, defamatory, abusive, in breach of copyright, compromises data protection, or is otherwise inappropriate. Highlight other legal and regulatory issues in your training
4. Specify that workers should treat emails as having the same legal authority as signed letters on headed paper
5. Lay down rules for contracting by email (or IM - instant messaging), including specifying which level of employees are authorised to enter into such contracts for the organisation.
6. Stipulate that the processing of personal data must comply with the organisation’s privacy/data protection policy.
7. State whether workers are permitted to use the organisation’s email accounts to send and receive personal email. Organisations that allow employees to use the organisation’s email account for personal use must also tell workers of any relevant restrictions on use
8. Inform workers not to open attachments to email messages from unknown senders without first having them scanned for viruses. Organisations should consider deploying an automatic checking system for viruses, worms, bots and other malware, and tell workers so to help reduce infection and spread of infection
9. Contain a warning that strictly confidential emails should not be send via the Internet without the recipient’s prior consent unless encrypted.
10. Discourage personal advertising by email (or IM) or sending messages for missing items and other trivial administrative matters unless genuinely urgent (workers should be encouraged to use bulletin boards instead, for example via the Intranet/Extranet.
11. Refer to the rules that are in place for dealing with disputes and complaints about email and IM
12. State that employees must not discuss any aspects of the organisation’s business (e.g. on the Internet or in newsgroups) unless part of the employees job description;
13. Inform workers that the organisation reserves the right to check worker Internet use. Organisations can only monitor their staff under the rules set out under Data Protection law and The Lawful Business Practice Regulations. But you can monitor staff Internet browsing regularly, review browsing logs, and put filtering in place to stop people accessing inappropriate or illegal material;
14. Where personal Internet browsing is allowed, to specify the limits of use (e.g. during specific periods, such as in their lunch time);
15. Discourage the practice of downloading material which is unnecessary for business purposes;
16. Refer to the procedure for resolving complaints / disputes over Internet use;
17. Encourage workers only to go online when necessary;
18. Make sure to scan downloads or transmitted materials to/from the Internet. Install firewalls and any other software for workers to check files and attachments for viruses, and give them training.