“The arrival of Facebook at work will no doubt be welcomed by employees used to managing their personal lives and interests outside of work– as it will now allow them to do the same for their work lives with similar levels of functionality. For millennials and those who have grown up in an internet age, the extension of Facebook to the workplace may seem an obvious step – and one that is long overdue.
“Employers too will be keen to harness the benefits of a work based interaction system that should only increase opportunities for employees to connect and collaborate. This could be particularly beneficial in larger organisations where teams are spread across the business, and those where employees tend to work remotely. As a result it could prove a useful tool for increasing employee engagement, and thus help with retention and recruitment.
“However, such a system does not come without risk. Businesses will need to be alive to the potential mis-use of the system by employees – given that it provides another forum – in addition to existing email, phone and instant messaging functions – for employees to express personal views, and potentially, discuss sensitive and confidential business and customer issues. The need to protect sensitive customer information has been highlighted recently by several high profile hacking incidents of customer data and by the FCA’s very recent report (10/12/15) on the need for financial services organisations to do more internally to protect the flow of confidential and inside information. In addition, the recent data protection decision in the Schrems case has highlighted the need for all organisations to consider how data is transmitted, particularly on a global basis.
“Employers will therefore need to be very clear with employees about how the system should be used. In particular they will need to:
- Remind employees of the need to ensure that posts and conversations are not discriminatory, offensive or defamatory – and to update both their diversity and disciplinary policies and guidelines accordingly
- Consider the data protection issues that may arise where Facebook at Work is used on a global basis
- Enforce clear guidelines regarding the topics that can be discussed, which may include for example, limiting or prohibiting discussion of customer information or company confidential information such as financial results, trade secrets and future plans
- Check the membership and security of the groups to ensure that they are appropriate and maintained
- Monitor the use of the groups to ensure that they are not being mis-used
For a large organisation, monitoring and enforcing the above is likely to require an additional level of resources, with HR, risk and compliance functions all needing to be aware of the potential challenges the system could present.”