Policies that Apply to Social Media
Use of social media technologies must follow the current laws and standards that govern information and information technology. Below is an explanation of the most common policies and standards that impact the use of social media.
Print out the HHS Social Media Policies Checklist (PDF – 89KB) to make sure you have addressed the relevant standards and policies.
- Access and IT Security
- Terms of Service & Licensing
- Copyrighted Content
- Official Agency Sources of Information
- Information Collection from the Public (PRA)
- Soliciting Official Public Comment
- Protecting the Public's Privacy
- Record Keeping
- Comment Moderation
- Linking, Liking, Following and Endorsement
- Additional Resources
All official uses of social media must be approved by program or office management in consultation with the appropriate communications office. The decision to use a social media tool (or combination of tools) must be based on a strategic communications plan and must address the commitment of resources necessary to manage and maintain the public engagement. Your communications official should also consult with either DCD or the Assistant Secretary for Public Affairs (ASPA) for high-profile initiatives.
- Read What’s In a Plan (PDF – 69KB) and Social Media Considerations: Questions to ask before jumping in (PDF – 106KB).
Online media that allows the audience to contribute to content can potentially introduce risk to the confidentiality, integrity, and availability of information resources. Be sure to consider the threats and understand how to mitigate potential risks before using new technologies. Consult the office that manages your information technology resources at your agency for additional information.
- Read the Best Practices for Protecting Third-Party Websites and Applications
- Read the Guidelines for Secure Use of Social Media by Federal Departments and Agencies (pdf) from the CIO council.
- Read the HHS Policy for Managing the Use of Third-Party Websites and Applications
HHS, through the Digital Communications Division (DCD), signs federally negotiated terms of service (TOS) agreements with no-cost third-party providers. These TOS agreements apply across the Department; no further negotiations or signatures are required by OpDivs or other HHS offices. These agreements make it possible for Department employees to use these technologies for official HHS use while meeting current legal requirements.
Many third-party sites and applications have specific guidelines for the use of trademarked images and logos. Consult the specific site or application you are using for more information.
All content posted to third-party sites should also be verifiable through an agency’s official website. People should also be able to obtain comparable information and services through an agency’s official website or other official means. For example, members of the public should be able to learn about the agency’s activities and to communicate with the agency without having to join a third-party social media website. All third-party sites should also provide a link back to the agency’s official website. In addition, if an agency uses a third-party service to solicit feedback, the agency should provide an alternative government email address where users can also send feedback.
Departmental social media sites and content must clearly identify ownership or sponsorship through the use of Department or OPDIV branding. HHS logo policies also apply when used with third-party sites or applications.
Content posted or produced through the use of new technologies must be accessible to people with disabilities and in compliance with Section 508 of the Rehabilitation Act of 1973. A relevant link directing to the accessible content should be made reasonably available on any Web site on which HHS content is not fully accessible.
Do not include surveys, polls, questionnaires, etc., unless the questions have received OMB Paperwork Reduction Act (PRA) clearance. The Paperwork Reduction Act prohibits certain information collections by government entities without prior approval by OMB. Read more about Information Collection or contact the liaison for your agency.
- OMB: Social Media, Web-Based Interactive Technologies, and the Paperwork Reduction Act (April 7, 2010; PDF - 84KB)
- Information Collection under the Paperwork Reduction Act (April 7, 2010; PDF - 96KB)
Do not solicit consensus advice from the public using web2.0 technologies. The Federal Advisory Committee Act (FACA) prohibits agencies from receiving consensus advice from de facto committees or groups that arise outside of the structure and public scrutiny of a formally established advisory committee. Soliciting consensus advice is seeking input from the public with the intent to obtain advice, opinions or recommendations from the group acting in a collective mode. This is different from general feedback or surveys, polls, etc. that seek to obtain general information or viewpoints from the public. Read more to determine when the Federal Advisory Committee Act (FACA) is applicable.
Federal agencies are required to take specific steps to protect individual privacy whenever they use third-party websites and applications to engage with the public. When using a third-party website or application, agencies should adhere to the following requirements:
- Privacy Impact Assessments (PIA) for Third-Party Websites and Applications (know as a TPWA PIA) are required only when the public will be engaging with HHS through the use of a TPWA. That is, TPWAs that do not interact with the public or could potentially receive personally identifiable information (PII) about the public do not require the completion of a TPWA PIA. As such, tools used for internal administration do not need a TPWA PIA, but are still subject to other listed standards and policies.
- Use an external link notice when visitors are directed to a nongovernment website that may have different privacy policies from those of the agency’s official website.
- Prominently post a Privacy Notice on the third-party website or application itself, to the extent feasible.
Refer to OMB Memo 10-23 for more details on the requirements to protect individual privacy whenever they use third-party websites and applications to engage with the public.
Refer to OMB Memo 10-22 for additional information on web measurement and customization technologies.
The rules governing the maintenance of Federal records and web records cover records associated with the utilization of social media. The maintenance of these records, in either electronic or print format, is the responsibility of the office or agency originating the content. Read the HHS Web Records Policy & Guidance to learn more about the required schedule for maintaining web records. Be sure to contact your Records Official to determine if there are additional considerations for records specific to social media. Read more from the National Archives on the Implications of Recent Web Technologies for NARA Web Guidance.
Many new online technologies allow for the submission of user-generated content. HHS encourages this public interaction with the following caveats:
- All comments must be reviewed and cleared (moderated) before they are posted.
- A comment policy and privacy notice must be clearly stated or linked (agencies may link to our comment policy or use it as a model for their own)
- Comments must not be posted if they contain:
- Blatantly partisan political views
- Explicit commercial endorsements
- Discriminatory, racist, offensive, obscene, inflammatory, unlawful or otherwise objectionable statements, language or content.
HHS Websites are able to link to non-government Websites according to the HHS Linking Standard. These links, which include those to third-party websites on which HHS content is held, should include an exit disclaimer.
Consider the value in liking/ following a specific entity and what it may convey to your audience. In many cases, following an organization may convey endorsement of the entire entity, while retweeting or reposting content from another entity may only imply endorsement of the content that is being reposted. Consult your external link policy for guidance on Liking, Following, or Friending other entities and reposting their content within government accounts on third-party networks.