SSilver - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What social media compliance issues plague enterprises?

Social media compliance issues in Fortune 100 firms aren't what you might expect. Expert Mike Chapple explains the top problems in social media compliance.

Nexgate released a report titled State of Social Media Infrastructure Part III: A Compliance Analysis Fortune 100 Social Media Infrastructure, in which the company analyzes social media compliance of Fortune 100 firms. What are the main takeaways from this report?

Social media creates a variety of compliance challenges for organizations in several different industries, particularly those involved in providing healthcare and financial services. The recent Nexgate report revealed some surprising findings, particularly around the extent of social media activity in Fortune 100 companies. The average Fortune 100 firm has a whopping 320 social media accounts and an average of 1,159 employees who make half a million posts per year on those accounts. With that number of people involved in such a massive information flow, there are bound to be enterprise social media compliance issues.

Financial services firms constituted the largest source of social media compliance issues uncovered in the Nexgate analysis. Compliance incidents for financial firms range from truth-in-lending disclosures to Fair Housing Act compliance. The largest issue, however, relates to Financial Industry Regulatory Authority requirements that financial institutions respond promptly to customer complaints. Financial institutions that maintain a social media presence must monitor consumer activity on those accounts for issues that allege theft, forgery or other misappropriations of funds and then respond to those complaints promptly.

Healthcare firms also accounted for a significant number of social media compliance issues, but those incidents came from a surprising source. HIPAA was not at the heart of healthcare compliance issues, as one might expect. Rather, almost a hundred cases emerged in the Nexgate analysis that were subject to FDA Adverse Event Reporting requirements. The FDA requires pharmaceutical companies to file reports each time they hear of a consumer or medical professional experiencing an issue with a drug. If someone tweets at a company's official social media account reporting such an issue, this is more than an informal communication; therefore, companies should consider whether such a tweet constitutes notice of an adverse event that triggers FDA reporting requirements.

Enterprise social media compliance issues are complex and companies operating in any regulated industry should carefully consider how participation in social media affects their compliance obligations.

Ask the Expert:
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today. (All questions are anonymous.

Next Steps

Check out what social media compliance regulations enterprises need to know

Learn how to ensure enterprise social media security

Learn some best practices for CISOs on social media

This was last published in December 2015

Dig Deeper on Data privacy issues and compliance