Ref No: OD&HR

Organisational Development and Human Resources

Lead Head of Service Date Equality Impact Assess Completed

Date Approved by Chief

Executive

Implementation Date

Version Number

Issue Date Review Date

Lorraine Eastham

August 19 August 19 September 19 2 1/9/19 06/22

SOCIAL MEDIA POLICY &

PROCEDURE

2

Requirement Action

Who should be aware of the policy and where to access it?

All employees, volunteers and contractors

Who should understand the policy?

All employees, volunteers and contractors

Who should have a good working knowledge of the policy?

All managers, HR, Communications & Marketing and Trade Union representatives

Whether the policy should be included in the General Trust Induction Programme and / or departmental specific induction programme?

Yes, the policy is available on the intranet and where appropriate, in hard copy for the line manager and all employees.

Where is the policy available? On the Trust intranet – OD&HR Communications & Marketing Section.

Process for monitoring effectiveness of this document?

Monitoring within the Communications & Marketing Team and notification to the Chief Executive

Groups / Persons consulted?

Chief Executive Team Children in Care Council Trade Unions Staff.

Training

Awareness raising with managers, staff side representatives and employees. Corporate Induction

3

Contents

1.0 UNDERSTANDING WHAT IS SOCIAL MEDIA

2.0 THE PURPOSE

3.0 THE SCOPE

4.0 EQUALITY IMPACT ASSESSMENT

5.0 LEGAL FRAMEWORK & TRUST RELATED DOCUMENTS

6.0 GUIDING PRINCIPLES

7.0 ROLES & RESPONSIBILITIES

4

1.0 UNDERSTANDING WHAT IS SOCIAL MEDIA?

Social media and social networks allow us to reach some of our customers

online. Social media is the name most commonly used to describe online

communities or networks in which the users, be they individuals or organisations,

create, share and exchange information and ideas, such as Facebook, Twitter

and blogs.

It is different from traditional forms of media and social interaction in a number of

important ways:

Spontaneity: Users can instantaneously Tweet, post or send comments from almost

anywhere without any safeguards to vet that communication.

Reach: At the same time, social media provides an instant global audience, potentially

reaching thousands if not millions of recipients, depending on the popularity and

following of the user.

Permanence: Social media messages can be saved or reposted to create a record that

is difficult to withdraw or amend. This leads to a greater risk of saying something stupid,

or at least a greater risk that the stupid things you once shared later at night with a few

friends, forgotten the next day, are now read by thousands, never to be lost.

Everything shared on a social networking site could potentially end up in the

public domain, even where privacy settings have been set up to allow ‘friends’

only access. Sometimes the opinions, information and photos/videos you post

can end up being seen or used by people you never intended to share them with.

As someone who works with children, young people, parents or carers, whether in a

voluntary or paid capacity, whenever you are using social media you must always have

your professional role in mind and always consider how your behaviour could

affect your professional reputation and employment. All digital records should be

considered to be permanent.

2.0 THE PURPOSE

The purpose of this policy and procedure is to ensure all staff, volunteers, contractors

and children in our care are aware of the positive and negative impact social media can

have to the Trust’s reputation and also impact personally.

5

It sets out the standards that should be followed by all Trust staff when using social

media, either through individual social media accounts or through a Trust operated

account.

The policy and procedure clearly lays out the Trust’s stance on social media posting for

all staff, volunteers and contractors and is done so purely to protect the integrity of the

organisation and also its employees, volunteers, young people and families, its partners

and key stakeholders.

3.0 SCOPE

This policy applies to all employees employed by and working on behalf of Doncaster

Children’ Services Trust Ltd, including contracted, non-contracted, temporary, honorary,

secondments, relief, agency, students, volunteers.

Users who are found to breach this policy on the use of social media will be managed in

line with the organisation’s disciplinary policy or most appropriate process. It is important

to remember that adhering to the Trust’s Data Protection Policy applies equally both

inside and outside of working hours and includes any reference made to or about work,

colleagues or young people, either specifically or indirectly.

All policies apply equally inside and outside of work hours when work-related. Also,

where the trust allows access to the internet, accessing any social networks is at the sole

discretion of the trust and staff are required to abide by the content of this policy.

5.0 EQUALITY IMPACT ASSESSMENT

To be completed.

6.0 LEGAL FRAMEWORK & TRUST RELATED DOCUMENTS o The General Data Protection Regulation

o Data Protection Act 2018 Human Rights Act 1998

o Defamation Act 2013

o Trust Related Documents Disciplinary Policy

o Data Protection Policy

7.0 GUIDING PRINCIPLES– WHAT WE EXPECT FROM YOU?

7.1 USE OF SOCIAL MEDIA – GENERAL

Where social media is used as part of an employee’s work they should ensure it is

used in accordance with the Trust’s policies listed above. Staff, especially those in

direct contact with service users, may wish to consider carefully who can see their

6

profile information and what information to include when operating any social media

account. For example easily identifiable personal emails or mobile numbers that are

used for work, that could allow an individual to be easily identified. This also includes

information about their employer or type of work that may enable service users to

identify them.

Trust employees should not be ‘friends’ with service users who are vulnerable

adults or children, as this could be regarded as a safeguarding issue.

Unauthorised use or disclosure of confidential information gained through

employment with the Trust, or failure to protect such information will be treated as

misconduct, unless the disclosure is protected by law for example Whistleblowing.

Staff, volunteers and contractors of the Trust may use designated facilities provided

by the Trust for their private use of social media during their work breaks, with the

agreement of their line managers. However, social media sites must never be used

to access or share pornographic, offensive or otherwise inappropriate material which

may be deemed detrimental to the Trust.

Cisco Jabber is a permitted form of instant messaging within the Trust and is

primarily for work use. Occasional and reasonable personal use is allowed but must

not interfere with the performance of an employee’s duties.

Staff, volunteers and contractors may also use private social media accounts in a

professional or semi-professional capacity (eg accessing Trust communications via

social media, using social media to share best practice with peers) outside of work

breaks for the general benefit of the Trust with the consent of their line managers.

Staff, volunteers and contractors should be aware that the Trust reserves the right to

use legitimate means to monitor employee internet use on trust IT equipment,

including use of social media sites, for content that it finds inappropriate. Existing

Trust policies should be observed at all times. If inappropriate use of the internet is

suspected, managers may request internet usage reports and where warranted,

action may be taken in accordance with the Trust’s Disciplinary Procedure and

normal HR processes.

Staff, volunteers and contractors are encouraged to observe professional guidance

from respective professional bodies. For security reasons it may be advisable for

staff not to divulge their exact employing organisation/base (particularly those

working in contentious areas such as safeguarding) however employees may identify

themselves as Trust employees for valid reasons, eg during involvement in raising

awareness/PR activities or in the case of employees with public-facing roles, such as

the Chief Executive. Employees who do divulge their employment with the Trust

should state that they are tweeting/blogging in a personal capacity. For example ‘The

views expressed on this page are my own and not those of Doncaster Children’s

Services Trust.’

Staff, volunteers and contractors are ultimately responsible for their own behaviour

online. Staff volunteers and contractors must take care to avoid posting online

content that is inaccurate, libellous, defamatory, harassing, threatening or may

7

otherwise be illegal. If not, they may be subject to civil proceedings or criminal

prosecution.

Staff, volunteers and contractors are encouraged to like and share Trust social

medial posts. This will aid the Trust reach a wider and more diverse audience and

therefore help promote the work that the trust does.

Social media sites or pages relating to the Trust should not be set up by staff,

volunteers or contractors without the involvement of the Communications &

Marketing team. All accounts created for Trust purposes should meet the

organisation’s branding requirements. Further information and guidance can be

obtained in this document 6.3 Use of Social Media for Trust Business and by

contacting the Communications Team by email

DCSTCommunications@dcstrust.co.uk

Staff, volunteers and contractors who may not directly identify themselves as Trust

members/connected to the Trust when using social media for personal purposes

should be aware that the content they post could still be construed as relevant to

their employment/connection with the Trust under certain circumstances, for example

by a journalist, Ofsted, DfE or potential employees. This is particularly the case when

expressing strong views, political allegiances or posting content of an offensive,

controversial or sexual nature and if posted in the public domain, comments and

images posted can generally be reproduced without their permission.

Unauthorised disclosure of confidential information would constitute misconduct

/gross misconduct in accordance with the trust’s Disciplinary Policy.

When using social media, staff should respect their audience. As a general rule, staff

should be mindful of any detrimental comments made about colleagues while using

social media, e.g. failing to show dignity at work (harassment), discriminatory

language, personal insults and obscenity. These examples are not exhaustive and

will be considered a disciplinary matter.

It is important to also protect the privacy and to safeguard the people we work with

and for. Staff should therefore not post any pictures of individuals without first

obtaining their written consent, and for those under the age of 16 years consent

should be obtained from their parent/ legal guardian. This includes taking photos of

colleagues and people supported by the Trust at events such as the Staff Summits.

Line managers are asked to take an active role in any social media activity

developed for Trust purposes, within their service to ensure quality of content, and

that it is in keeping with the Trust’s values and behaviours.

If, as non-employees, volunteers, contractors and individuals on work placements are

exempt from conventional disciplinary/HR processes, any misuse of social media by

them must be dealt with appropriately by whichever trust employee is responsible for

their supervision while at the trust. This may result in a number of measures,

including the termination of their role/contract with the trust where it is deemed

appropriate.

8

The below outlines good and bad practice for all staff when using social media for

personal use.

Good Practice:

1. Set your privacy settings for all social networking sites you use.

2. Ensure any technological equipment, (including your mobile phone) is password/

PIN protected.

3. Consider having professional online accounts/ identities if you wish to have online

contact with service users, their families and other professionals.

4. Make sure that all publicly available information about you is accurate and

appropriate.

5. Remember online conversations may be referred to as ‘chat’ but they are written

documents and should always be treated as such.

6. Make sure you know the consequences of misuse of digital equipment.

7. If you are unsure who can view online material, assume it is public. Remember –

once information is online you have relinquished control.

8. Switch off Bluetooth.

9. When you receive new equipment (personal or work) make sure that you know

what features it has as standard and take appropriate action to disable/ protect.

Bad Practice:

1. Give your personal information to service users – children/ young people, their

parents/ carers. This includes mobile phone numbers, social networking

accounts, personal website/ blog, online image storage sites, passwords etc.

2. Use your personal mobile phone to communicate with service users. This

includes phone calls, texts, emails, social networking sites etc.

3. Use the internet or web-based communication to send personal messages to

children/ young people.

4. Share your personal details with service users on a social network site.

5. Add/ allow a service user to join your contacts/ friends list on a personal social

networking profiles.

6. Use your own digital camera/ video for work. This includes integral cameras on

mobile phones.

7. Behave in a way that could suggest that are trying to develop a personal

relationship with a child or vulnerable adult

8. Post any content that could be deemed defamatory, obscene or libellous.

9. Post comments that appear to endorse grossly irresponsible behaviour or law

breaking of any kind.

Remember you are responsible for the data on your electronic communication device.

7.2 USE OF SOCIAL MEDIA IN PRACTICE

The circumstances when a social worker/ practitioner may consider using social media include using it to search for an individual, such as a birth parent in care proceedings, or to confirm certain activities that an individual may be involved in and

9

are considered to be high risk or detrimental to the welfare and/or safety of a particular child or children. There may be legitimate use made of social media to locate missing birth parents in care proceedings cases, although it would be prudent not to undertake any such search without first seeking legal advice. Communicating with individual service users via social media has been regarded by the HCPC as inappropriate activity (although the broader context of that particular case is obviously relevant). This is an area where separate detailed guidance may be beneficial. It is helpful to very briefly look at the legal context before considering the implications for social workers of using social media to either find service users or to gather evidence in relation to service user activities.

7.2.1. LEGAL BACKGROUND:

Human Rights Act 1998/ European Convention on Human Rights (ECHR)

Article 8 of the ECHR provides that each person has a right to respect for his "private and family life, his home and his correspondence" (much social media content is likely to fit the definition of correspondence, such as messaging through media such as Facebook, Twitter etc).

Regulation of Investigatory Powers Act (RIPA) 2000

RIPA regulates directed and, or covert surveillance carried out against private individuals or organisations by public authorities. It is unlawful to undertake surveillance without obtaining proper authorisation in compliance with these regulations.

Amendments to the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2010

These amendments mean that a local authority can now only grant an authorisation under RIPA for the use of directed surveillance where the local authority is investigating particular types of criminal offences. These are criminal offences which attract a maximum custodial sentence of 6 months or more or relate to the underage sale of alcohol or tobacco. Obviously it is never the role of social workers to investigate criminal offences.

General Data Protection Regulations 2018

Under this act personal data has to be “fairly and lawfully processed”, meaning that there needs to be legitimate grounds for collecting and using personal data, and there must be “no detriment” to the data subject of their data being collected.

7.2.2 SPECIFIC CONSIDERATIONS

Searching for Missing Individuals: Family court judge, Justice Holman, adjourned an adoption hearing to give time for the birth mother who the LA had been unable to contact to be traced and notified of

10

the hearing. Justice Holman had been informed by a party in the case that the mother had been found on Facebook. He said:

“...Facebook may well be a route to somebody such as a birth parent whose whereabouts are unknown and who requires to be served with notice of adoption proceedings.

“I do not for one moment suggest that Facebook should be the first method used, but it does seem to be a useful tool in the armoury which can certainly be resorted to long before a conclusion is reached that it is impossible to locate the whereabouts of a birth parent.

“...in this particular case, a relatively socially disadvantaged young mother…has been found very rapidly by that means.”

In this type of instance the General Data Protection Regulation requirement that there be “legitimate grounds” for gathering information is clearly met, and in any event the search of Facebook or any other form of social media account had been ordered by a court. More generally however there should be a record of the decision making in relation to the legitimacy of any search.

As well as satisfying the ‘legitimacy’ test, there is a requirement to consider whether there is any detriment to the data subject. It may be in the case of someone who is effectively ‘in hiding’ that a search on Facebook or any other form of social media account for that person by a public authority could infringe, and thereby cause them detriment. Of course in any one case it may be very difficult to determine whether this is likely to be the case or not.

Even having taken into account all of the above there remain complex issues about whose Facebook or any other form of social media account should be used to search and contact a service user. It would not be safe or appropriate for an individual social worker/ Trust employee to do this through their own private account and of course the Trust could not expect or require that they do so either. Before taking any such action, please contact Legal in the first instance to discuss.

7.2.3 VIEWING SERVICE USERS SOCIAL MEDIA

Often social workers or other social care staff will be made aware of the content of an individual service user’s social media account by another service user. Social workers are then sometimes tempted to make a search and even gather information. For example by copying and pasting screenshots into case notes or reports via their own social media accounts. There is a temptation to think that there is no infringement of the service user’s privacy if they have not applied privacy settings to their account. This is not the case.

There is clear guidance produced by the Office of Surveillance Commissioners (OSC): https://osc.independent.gov.uk/category/guidance-notes/ripa/

The guidance is for members of the State (such as social workers) setting out when they can view social media without consent of the author. If a parent has privacy

11

settings, then the only way to view it is with the person’s explicit consent or a warrant under RIPA from a Magistrate. Anything else is an offence. The guidance is also clear that the use of dummy or fake accounts to gain access to another person’s social media presence is ‘inadvisable’.

In relation to when privacy setting have not been used, the guidance states:

“Where privacy settings are available but not applied the data may be considered open source and an authorisation is not usually required”.

However:

“Repeat viewing of ―open source sites may constitute directed surveillance on a case by case basis and this should be borne in mind”.

Directed surveillance requires authorisation under RIPA, conducting directed surveillance without authorisation is a criminal offence under RIPA, and may also attract damages claims against the Trust. Since the 2010 Amendments to RIPA (see above) it is highly unlikely that authorisation will be obtained in child protection cases.

Even if a social worker only viewed an account on one occasion, if another social worker for the same LA were to look at the same social media account, then the Trust may be running the risk of inadvertently straying into the territory of conducting directed surveillance.

7.2.4 CHILDREN’S SOCIAL CARE STAFF ADVICE

Staff should not look at service users’ social media accounts at all, as to do so could result in criminal prosecution of the individual/s involved and possible claims for damages against the Trust.

Staff should also not ‘commission’ another person not employed by the Trust to undertake a search on their behalf.

In the event of social media content being passed to a member of staff in an unsolicited manner, the staff member should report this to their line manager in the first instance and legal advice sought as to how to ‘process’ that information.

If in any doubt, or you would like to consider using social media to find an absent parent or other relative, legal advice should be sought.

7.3 USE OF SOCIAL MEDIA FOR TRUST BUSINESS

Only those employees authorised by the Trust to use social media as being the

‘voice of the Trust are permitted to do so. Any social media presence on behalf of the

Trust will require the approval of the Head of HR, OD, Communications and

Marketing prior to an account being set up. If approved you will need to share the

account and login details with the Communications and Marketing team.

The Trust’s corporate social media accounts will be managed by the

Communications and Marketing team. This is to ensure that all messages are

12

accurate, consistent and coordinated with other communication and marketing

activity across the Trust.

If managers believe that using social media as means for communication with staff,

young people, carers, volunteers, stakeholders or the general public is appropriate

and necessary, some considerations must be made. The below cover the areas

services would need to outline prior to an account being approved.

Clear objectives: There should be clear potential benefits from setting up a new

social media account. Be it to reach young people, carers and/or colleagues within

the Trust and/or the wider local or national community. You must be able to illustrate

why you feel this can’t be achieved through the Trust’s corporate social media

channels. In addition to this, you will also be asked to demonstrate how you and your

team plan to manage the account, if approved. An initial buzz of activity followed by

the account rarely being used will be seen in a poor light and may lead to the site

being closed down.

Right network for your audience: It is easy to select a channel because it is the

one that you use and know, as it may not be the right one for your audience. Instead

you should start by identifying which networks your target audience use. If you can,

ask a cross section of your audience and where they like to be online. You might find

they like to use multiple channels, but don’t spread yourself too thinly online. Running

social network accounts takes time and resources.

Have a strategy: Regular posts that interest your audience will help to build your

platform and attract new audiences. It is therefore really important that you have a

strategy for developing your content. The Trust’s Communications and Marketing

team can help you with this. A good place to state is to listen to what your audience

like to talk about. Keep focussed on your own messages and priorities but don’t be

afraid to share relevant content besides your own. Do be mindful of Trust campaigns

and how your objectives could be similar – you can help to amplify the Trust’s

messages.

How is your platform performing? It is important that you make the time to review

your social media channel is performing, if it is achieving your original objectives.

Regular reviews should be undertaken to understand which activities have not been

effective and why so that you can adapt future content. The Trust’s Communications

and Marketing Team can help you with this.

Monitoring/moderating the site must be done regularly on the five working days of

each week (Monday-Friday), in order that any malicious or malevolent comments are

removed as soon as possible. This must be undertaken within the service and the

relevant Head of Service and Trust’s Communications & Marketing Team must be

informed of any material which may potentially attract media interest, breach

confidentiality or bring the trust into disrepute generally.

Disclaimers on social media sites do not remove the Trust’s obligations to

accuracy and potential legal implications. Generally, the operators of websites or

social media accounts are not held liable for unmoderated defamatory material

13

posted by third parties, however once notified of potentially defamatory material, it is

the site or account owner’s responsibility to remove it within a reasonable timeframe.

If a manager decides that social media is an appropriate service tool, a Privacy

Impact Assessment must be completed and forwarded to the Corporate Resource

Manager, who holds responsibility as the Trust’s Information Officer together with a

risk assessment which will identify how the issues identified above are going to be

addressed.

Email DCSTDPO@dcstrust.co.uk for further details.

It is important to note that comments made on a social media account operated by

the Trust belong to the organisation and can be disclosed under the Freedom of

Information Act 2000. The Information Commissioner has also dictated that

organisations must be in a position to receive a Freedom of Information Act request

via that medium and site so any such requests received via trust-operated social

media accounts should immediately be forwarded to

DCSTFOI.requests@dcstrust.co.uk

7.4 USE OF SOCIAL MEDIA BY YOUNG PEOPLE IN OUR CARE

Due to the proliferation of internet-enabled mobile phones and other handheld

devices, it is not practical or possible for the Trust to monitor or control social media

activity by our young people in our care either on or off Trust premises. However, to

protect confidentiality, young people must not take pictures or videos of other young

people, visitors or Trust staff and post them on social media websites without their

permission.

Regardless of age it is important to have a discussion with a young person about

what is acceptable online behaviour. Talk frankly to your child about how they explore

issues related to the health, wellbeing, body image and sexuality of themselves and

others online. They may be discovering inaccurate or dangerous information on online at

what is a vulnerable time in their lives.

Young people must also not post personal details relating to other young people or

Trust staff on social media without their permission. Trust staff should challenge

anyone believed to be uploading pictures, video or personal details of young people

in our care, visitors or Trust staff without their permission.

In the first instance, staff should ask that the individual/s concerned delete any

photos/videos taken and/or remove social media posts revealing personal details. If

the individual does not comply with this request, then please take a screen copy of

the image and share it with the Head of Service and Communications by emailing

DCSTCommunications@dcstrust.co.uk

It may also be appropriate to report activity of this nature to the police in certain

circumstances. For example if it suspected that images or videos are of a voyeuristic

nature are being recorded or if the material posted is of a significantly offensive or

14

threatening nature. This will need to be reported immediately to the Head of Service

responsible for the Service area or equivalent.

7.5 REPORTING MISUSE OF SOCIAL MEDIA

All staff, volunteers and contractors are responsible for reporting any potential social

media misuse they may see online and reporting and challenging social media

misuse by young people and children.

Any concerns must be raised immediately by emailing

DCSTCommunications@dcstrust.co.uk and your Head of Service.

In the email you should include as much relevant detail as possible, including where

and when it was post, a screen shot of the post, and the action that has been taken

to try and get the post removed.

8. ROLES & RESPONSIBILITIES

The Chief Executive is the Accounting Officer and, supported by the SIRO has

overall responsibility for ensuring that information governance is applied through the

organisation. Whilst the Trust is the data controller the Chief Executive is

accountable for ensuring the role is carried out and meeting all statutory

requirements. The role carries the responsibility of being the trust’s Data Controller

and has overall accountability for compliance with the trust’s policies ensuring that all

staff are aware of the need to comply with the General Data Protection Regulation

and the Data Protection Act 2018. The Chief Executive also carries overall

responsibility for ensuring that arrangements with third parties who process personal

data on the Trust’s behalf do so under written contract which stipulates appropriate

compliance with current data protection legislation.

Managers and supervisors will be responsible for ensuring the local implementation

of information governance and that they implement this and appropriate information

policies within their sphere of responsibility, including monitoring the content of any

social network sites utilised by the service to ensure the content complies with all

Information Governance and trust policies. This includes taking appropriate

management action should non- compliance arise. Clear accountability

arrangements will ensure that staff are held to account for the work that they do and

this will be reinforced through contractual arrangements.

Employees, volunteers, agency workers, sub-contractors: All Trust staff,

employed, agency, sub-contracted or volunteers, have a responsibility to ensure

compliance with this and other information governance policies and procedures in

general. With regard to the application of social media, all staff, employed, sub-

contracted or volunteers have a responsibility to ensure that any content posted on a

Trust social media site complies with both information governance and trust policies

including ensuring that all staff as listed, must undertake annual mandatory

information governance training requirements.

15

VERSION CONTROL

Version Date Author(s) Status Comment

Draft1 10-10-18 Lorraine Eastham Draft For review by Chief Executive Team Expert Readers