Dom Nicastro, for HealthLeaders Media
, April 28, 2011
Have you developed a strong business case for social media use, supported at the appropriate level for each department and functional area, considering the organization's mission, vision, and values; possible threats; technical capabilities; and potential benefits?
Does your IT staff understand that the goal should not be to say "no" to social media, but to follow good security guidance, with effective and appropriate security and privacy controls?
How does the policy affect your relationship with business partners and vendors/contractors?
How do you conduct training on the appropriate use of social media (on- and off-site)? Are you including appropriate use of social media in your overall security and privacy awareness training program?
How will you capture social media traffic and audit, analyze, and use it for security and privacy investigations, as appropriate?
Have you reviewed the Financial Industry Regulatory Authority's (FINRA) Regulatory Notice 10-06, Guidance on Blogs and Social Networking Web Sites, to determine its applicability to your organization and how you might use its recommendations to strengthen your organization's social media program? (Note: FINRA provides guidance on the responsibilities of companies to supervise the use of social networking sites. You can find the guidance here).
How does your organization plan to use social media to generate new strategies, engage, and learn?