Put simply, web policy encompasses a set of mandates or constraints – legal, editorial, compliance-related, and technical constraints – that limit a company’s online behaviour. Why does an organization need policies to limit online behaviour? For the same reason companies need policies to limit offline behaviour – namely, to enable responsible, appropriate decision-making at all levels of the organization that is in compliance with relevant regulations, best practices, and, most importantly, the law.
What is one of the key objectives in creating web policy?
Without policies that are specific, clear, comprehensive, and stable, an organization is more susceptible to lawsuits, internal problems and misunderstanding. In other words, an organization’s exposure to risk is increased. Thus, one of the key objectives in creating web policy is to protect your organization from risk.
Who’s responsible for setting web policy?
As with offline policies, web policies are best set by an organization’s senior management, with the guidance of key senior web subject-matter experts. The primary reason for this is that web policies should be high-level and strategic, and, as such, require the input of individuals who are capable of seeing the overall picture.
How do you determine when you need a web policy?
Be it online or offline, a policy is generally necessary:
- In cases where propriety may not be clear (e.g., how to use the company’s social media accounts in a way that reflects the professional standards of the organization);
- If guidance is needed about the most suitable way to handle a situation (e.g., how to handle potentially confidential information received from visitors to your website);
- When needed to protect the company legally (e.g., when publishing content that is potentially contentious or copyrighted);
- To ensure that an organization is in compliance with governmental policies and laws (e.g., Web Content Accessibility Guidelines 2.0); and
- To establish consistent work standards, rules, and regulations (e.g., rules concerning the creation, deletion and maintenance of company forms on the web).
While this list may imply that it is necessary to create – from scratch – web policies for each of these situations, that is not, in fact, the case. Some of these situations will overlap. Even more importantly, some organizational policies that were created prior to the broad use of the web may only need to be tweaked to address web-related issues. It follows, then, that a good first step in the development of web policies is to examine your organization’s existing corporate policies – including those policies not typically thought of as web-related. The next step would be to create new policy that is explicit to the web.
For information about how web policy differs from web standards, check out our upcoming post on web standards.