Campus guidelines to social media policies sharedTweet
The growth of social media technologies has improved the speed and convenience in how people communicate. Because of this, there is a need for guidelines to help users identify and review issues related to the use of social media including Facebook, Twitter, YouTube, Flickr, blogs and personal websites, chat sites, etc.
The guidelines apply to all employees, students, physicians, volunteers, vendors, contract personnel and other associates of the MUSC enterprise.
In February, the Office of Public Relations and Business Development & Marketing Services revised some of the guidelines that relate to how MUSC supports these social media platforms as part of its institutional communications goal. Recommendations were reviewed and approved by MUSC’s Social Media Committee at the request of Richard Gadsden, OCIO information security officer.
According to Gadsden, the purpose of these guidelines is to outline recommendations for social media use among employees, students and groups; minimize any risks that can occur from an individual’s use of social media platforms during work hours; and explore ways to protect the privacy and safety of patients, employees and students.
Updates to these guidelines focus on restrictions of sharing confidential, sensitive and proprietary information using cloud-based platforms. Cloud computing allows users to share and manage data using any Internet-connected computer or device. Although growing in popularity, cloud computing is not secure. An example of a cloud service is Google Docs.
Also revised is an employee’s proper use of personal blogging and social networking activity guidelines. Employee access to these sites should not interfere with daily work commitments.
These activities should be restricted to an employee’s break time. Supervisors should ensure that employees only access social media sites at appropriate times and locations.
Social Media Guidelines
Using blogs and other vehicles for sharing information falls into three categories and requires varying access controls:
1.) Public information (Any information that is appropriate for the public online or in a publication, including cloud-based platforms)
No access control needed.
2.) MUSC restricted information (Information that should not be available to the public, but is not subject to HIPAA or other privacy laws)
The use of unapproved external or cloud services for transmission or storage is not recommended.
3.) MUSC protected information (Personally identifiable information that is subject to HIPAA or other privacy laws)
The use of unapproved external or cloud services for transmission or storage is strictly prohibited.
Cloud computing is the use of computing resources through the Internet allowing individuals to mobilize work effort. Through cloud computing, work performed at the office can be accessed at home or on the go via any Internet-connected device. The freedom of cloud services is the ability to access information from any computer or device.
- Any employee communicating on the Internet about MUSC or MUSC-related matters should disclose his or her role at MUSC. Always use good judgment, and strive for accuracy in these communications as errors and omissions reflect poorly on MUSC and may result in liability for MUSC.
- Employees should ensure personal blogging and social networking activity do not interfere with work commitments. q Employees should contact the appropriate website manager if there are any questions about what is appropriate to include in a blog or social networking profile. Remember, if comments wouldn’t be deemed appropriate by a manager or others at MUSC, it is unwise to post them to the Internet. Content contributed on these platforms becomes immediately searchable, shared and immediately leaves your control forever.
- If a group or individual offers to pay an employee to participate in an online forum as a representative of MUSC, this could constitute a conflict of interest and relevant policies and guidelines would apply.
- If someone from the media or press contacts an MUSC employee about posts made in online forums that relate to MUSC in any way, the employee must alert his or her manager and contact the Office of Public Relations (792-7669 or email@example.com) before responding.
- Do not post the MUSC or MUSC Health logo unless it is specifically approved or included within another approved piece (e.g. banner ads and widgets). In addition, do not manipulate the logo to create a “new” logo.
For the complete guidelines, visit http://academicdepartments.musc.edu/musc/news/Social%20Media%20Guidelines%202-28-13.pdf. Students may find information in the handbook at http://academicdepartments.musc.edu/esl/studentprograms/studenthandbook/Policies/.August 21, 2013