Regulator IRDAI (Insurance Regulatory and Development Authority of India) has requested insurance companies to lay down social media guidelines for their employees to make sure that no unverified or confidential data associated to the organisation, is disseminated to the general public by means of these platforms.
An organisation’s repute is carefully linked to the behaviour of its employees, the IRDAI stated, including, “Social media should be used in a way that adds value to the organisation’s business.”
The Information and Cyber Security Guidelines, issued by the IRDAI to all insurers, have a particular part on ‘Acceptable utilization of social media’ — which states that the employees ought to be shunned disseminating any unverified and confidential data on “any Blogs/Chat forums/Discussion forums/Messenger sites/Social networking sites”.
“Any information received, accessed or obtained by an employee, either in his/her official mail/personal mail/Media Forums or in any other manner, if proposed to be disseminated or shared in any Media Forum, should be forwarded to the Organisation’s Compliance team and corporate communication team for prior approval,” it stated.
Media boards shouldn’t be used to report a service fault or to make a grievance, it added.
Carrying a disclaimer
IRDAI additional stated any private Internet posting or communication which means that you just work for an organisation should embody a easy and visual disclaimer like ‘the postings on this service are my very own private views and never these of the organisation and usually are not supposed to be interpreted as such’.
“The personal image projected on social media affects an individual’s reputation and may affect the reputation of the Organisation. No form of critique or comment on an Organisation or its business should be made on personal websites or social networking platforms,” stated the part on guidelines for the utilization of social media by employees for private functions.
The organisation’s Information and Cyber Security Policy (ICSP) identifies duties and establishes the targets for constant and applicable safety of the organisation’s crucial information and knowledge belongings. Implementing this coverage shall cut back the danger of unintended or intentional disclosure, modification, destruction, delay, or misuse of knowledge belongings, the regulator stated.
Information belongings comprise information or data recorded in digital, printed, written, facsimile or different programs and the ‘system’ itself.
Universally relevant
The guidelines are relevant to all insurers, together with overseas re-insurance branches (FRBs) and insurance intermediaries, regulated by the IRDAI.
In 2017, the regulator issued guidelines on Information and Cyber Security for insurers, which have been later prolonged to all intermediaries in 2022.
Considering the widespread adoption of digital applied sciences and the concurrent enhance in cyber safety incidents, the IRDAI has revised the guidelines to allow the insurance business to strengthen its defences and a associated governance mechanism, to cope with such rising cyber threats.
