Socially Regulated

Companies in highly regulated industries such as financial services, pharmaceuticals, healthcare, and insurance don’t have a major presence on social media. Each of these industries has a different federal regulatory agency with its own rules, regulations and supervisory guidelines that companies must adhere to. Many regulated companies know that social media is important but are fearful of violating regulatory requirements. The social media compliance guidelines of the federal regulatory agencies are often vague and there is a large grey area. Companies are unfamiliar with the distinction of what is permissible on social media and what is not. Therefore, regulated companies tend to stray away from social media altogether. As we all know this is the exact opposite of what any company should do.

Listed below are the regulatory agencies and their requirements that adhere to social media.

Heath Insurance Portability and Accountability Act – The HIPAA Privacy Rule addresses patient privacy and Protected Health Information without written authorization of the patient. There are no specific social media rules. However, the law applies to health-care providers and health plans, and their workforce. Anything found on social media inconsistent with HIPAA’s privacy and security regulations is subject to penalty.

Food and Drug Administration – The FDA took action to clarify social media concerns on how drug-makers are to interact with requests for off-label information through social media. The FDA guidelines encourage direct responses taking public comments into a private channel.

Securities and Exchange Commission – The SEC has addressed social media related to financial services, mainly registered investment advisers. The National Examination Risk Alert: Investment Adviser Use of Social Media recommends that social media users regularly monitor and review content in order to stay within “the federal securities laws, including, but not limited to, the antifraud provisions, compliance provisions, and record-keeping provisions.”

Financial Industry National Regulatory Authority  – The FINRA published Regulatory Notice 10-06. It was composed of guidelines for blogs and social networking sites and specifying record-keeping responsibilities and supervision requirements. Regulatory Notice 11-39 dives deeper into regulations concerning archiving both one-way and two-way communications.

These agencies need to clarify how the current regulations put in place apply to social media. It will be interesting to see how these agencies respond as social media continues to flourish.


Tips for regulated companies implementing social media:

  • Research regulatory requirements of industry and how they pertain to social media.
  • Develop a strategy as well as policies and procedures on social media with the help of the legal and compliance department and the human resources department.
  • Educate employees on social media use in the company.


  1. I think this is a very interesting topic. I worked in healthcare, and had to attend a seminar about what could and could not be put on personal internet sites. As social media becomes a larger part of business operations, it will be very interesting to see how these highly regulated companies will respond. Should they start to adopt social media tendencies, laws will have to be developed, and legal departments will have to learn how to oversee and respond to social media issues.

  2. It is unfortunate that the use of social media is feared in many of these industries. It is understandable that they want to avoid any regulatory issues, but they are missing out. We have learned how important social media can be for businesses. Heavily regulated industries are typically a little slower to introduce the newest technologies into their businesses. They may wait until there is more legal guidance over what is, and what is not, acceptable before using social media sites. You’re tips for companies that are heavily regulated are very good. These companies could benefit from very strong social media policies to protect themselves, but that still allows them to be active on the sites. This could help protect them from any legal or ethical issues. I guess only time will tell if these companies will be able to overcome the regulatory boundaries and emerge into the world of social media. Nice blog!

  3. I was out in silicon valley this week and discovered a company called Hearsay Social. It is a metalayer between the user and the traditional social media sites that conducts all the regulatory requirements. I think we may see more of these intermediary services that enact certain restrictions or perform services required by regulatory agencies in different industries. It’s a major issue.

  4. This is something that has always interested me as well. I think companies like the one that Prof. Kane mentioned are going to be an excellent way for heavily regulated companies to bridge this gap. It will be interesting to see how specific (or vague) these regulations are within particular industries like financial services and health care and how companies like Hearsay Social will be able to ensure that they are not breaking any laws for potential clients.

    I do, however, think that there are certain companies like the Goldman Sachs of the world that will never really make the true leap into social media. When you are dealing with billions of dollars on a daily basis, a misguided tweet could mean serious issues not just for the company, but for the world economy as a whole.

  5. Great points Megan and thanks for showing these regulations. From what I can see, with exception to the last rule which redirects you to more specific regulations, everything seems pretty vague. I believe that with how developed social media is, law-creating bodies like those listed above need to specify what is acceptable and what isn’t in more social terms (i.e. this is not acceptable to put in a tweet, etc). General guidelines give too much room for ambiguity and are preventative measures that should not exist. If financial or other information (i.e. housing or tax regulations) where more readily available, especially on social media outlets, I believe that everything would be more convenient for users. My belief is that if the information exists online and is open to the public, it should be allowed to be seen on social media.

  6. […] Socially Regulated. […]

%d bloggers like this: