top of page

organizational compliance and the use of social media in organizations

1 May 2015
Nurit Lin
facebook app

Knowledge Management workers have been waiting for a while for Social Media to enter the organizational work. Finally, in the last 3-4 years we can clearly view a real, meaningful process in this field. More and more organizations and companies utilize tools of Social Media in the world of internal KM in their organization and merge them as part of their core business processes (not only as an external PR tool or as an enhancement tool for customer relations).

The leading tools in this category are: Yammer, JIVE INM Connections, Chatter, and SAP Social Media. Of course, Social Media entering the organizational world enfolds new questions and unique challenges, such as:

  • How can Social Media be used in an organization?

  • What is these tools' advantage over other KM tools?

  • How does one differentiate these tools from other KM tools (knowledge communities, portals, and websites)? When does one use each tool?

  • How does one merge the Social Media tools with the existing KM tools in order to prevent an overload of channels and tools?

  • How much should we moderate and manage the Social Media channels?

And many more questions arise.


One issue that frequently rises in many organizations is the issue of organizational compliance. In the organizational world, compliance is defined as actions and policies that the organization and worker must work by in order to meet the requirements of the organizational regulations and guidelines in different fields. Some concern the conduct of workers in the organization, some concern their conduct when dealing with suppliers, colleagues and clients, and others are unique to the organization's practical fields (e.g. banking or software).

The Social Media tools, which are a channel of communication and information transfer for internal organizational needs, are not monitored and allow workers to write what they want freely, quickly and usually widely distributed. These enhanced features cause organizations to fear unintentional and conscious violations of the organizational compliance guidelines, therefore, the question of content enforcement rises frequently: what content written in the social Media should be banned? What means should be used?

Many organizations that went through the process of defining the organizational compliance policy in their communication channels in the past (e.g. the use of emails), we can view that introducing Social Media tools to the organization has prompted a process of revision and updating of these definitions. For other organizations, this introduction serves as a catalyst for the initiation of a policy definition process.

The way in which these organizations handle the dilemma of organizational compliance in regard to the internal use of Social Media focus on either one of three methods or a combination of all three:

  • Raising awareness by using an explanatory campaign via the organizational internal channels of communication. This campaign will present the rules of compliance expected from the workers when using Social Media: what they are permitted to write, how they are they are permitted to write it, and what they are not permitted to write and/or share using Social Media. The advantage of this method is that besides raising awareness, this campaign also serves as a channel for assimilating the Social Media (if done correctly, in a manner that doesn't evoke any resentment). Its obvious disadvantage is its lack of actual enforcement.

  • Conditioning the use of the aforementioned tools to committing to proper work. This is done using Privacy Policy and Terms of Use instilled in the tool itself or the initial signup process (a pop-up window that presents the policy which the user must sign or click on Accept). This method's advantage is that the worker takes full responsibility for complying with the policy. In many cases, this action might be required legally. Its disadvantage is that the majority of these signees or 'accepters' do not read a word of what they just allegedly agreed to. Therefore, using this tool might hardly affect the situation and so the compliance level in the organization may remain problematically low.

  • Designated enforcement tools for Social Media. These tools, instilled to the Social Media tools, enable monitoring and analyzing the content written. Also, management can choose the level and method of enforcement executed when identifying a policy violation. The advantage is obvious- this is the only method that enables both monitoring the content uploaded via the Social Media tools and automatic execution. Its disadvantage is that the organization may encounter restrictions in certain countries as part of their privacy protection rules meant to protect local workers. Furthermore, the high cost of purchasing these tools and their licenses.


When considering the use of such a tool, an organization must examine the following aspects and features:

  1. Avoiding harming the user experience of the Social Media tool: the monitoring tool must act subliminally and be transparent to its users.

  2. Demarcation: the organization must check what different components of the KM tools are monitored: posts, pictures, movies, files etc.

  3. Operation: how is a dictionary of monitored terms, words and expressions built and managed? Is it easily and comfortably updated and adjusted? Does it support different languages ?

  4. Grading the severity level of the compliance policy violation and choosing an appropriate response. For example, in defined severe cases that endanger the organization an appropriate reaction would be automatically deleting the content and informing a senior authority. In specific cases defined as hardly severe, an appropriate reaction would be merely informing the writer of said content of the violation.

  5. Can the organization avoid monitoring certain users? This request might arise as a result of some countries' privacy protection rules.

  6. The flexibility of the tool: can this tool adjust and develop in light of new requirements? How much does it depend on its supplier during the day-today use?


  The organization's choice of a method to cope with potential risks in the field of organizational compliance should be a combination of organization type and its field of action (from which the classification level of its managed knowledge is derived as well as its required rules of compliance), organizational character and culture that affect the level of sensitivity to the subject. Obviously, the size of the organization and its budget are also important factors. Clearly, the field of compliance in Social Media is still making its baby steps and will most probably be developed over the following years. It will be very interesting to see these constant dynamic developments, which are so typical of the world of Social Media, affect the organizational compliance policy of different organizations and its supporting tools evolving with it.

bottom of page