The folks at PR Squared recently posted their take on a basic corporate social media policy. I think their example is solid, and similar to other best practices I’ve worked on or seen. Importantly, they put a premium on transparency, protection of confidential information and avoidance of any legal issues – all critical requirements. And I like their caution about protecting personal information and thinking long-term.

But the devil is in the details in any policy, even good ones like this. The key is careful monitoring and nimble interpretation and decision-making to ensure the policy is understood and applied consistently. Typically, a few areas provide most of the questions and problems in these situations. For example, what constitutes a crisis? And who decides when something is a crisis? Easier said than done in the “canary in a coal mine” environment of the web where rumor and fact are often hard to confirm and news can break quickly. Another grey area is information that is not obviously confidential but may be material, or at least relevant, to competitors and investors. Another issue I would clarify in this policy is the distinctive role of trained subject experts who blog/post on behalf of the company – they have a different mandate and road-map than employees surfing the web on their own behalf.

Many companies are understandably leery of formally sanctioning their employees’ activities online – after all some employees may be critics rather than fans – but the reality is many are already on the web. So the smart thing to do is not ignore the reality, but develop clear, simple policies to guide the activities and address the egregious abuses. Beyond that, enlightened companies recognize that the fundamental issue is not trying to control or direct employee comments online,  but taking steps to foster a strong culture and ensure employees become productive, enthusiastic performers and positive advocates for the organization.