Under the amended Information and Cyber Security recommendations for 2023, the Insurance Regulatory and Development Authority of India (IRDAI) has published new recommendations for insurance businesses, requiring them to adopt social media policies for their personnel. The move is intended to regulate employee use of social media, particularly in India’s expanding insurtech sector.
The recommendations clarify how insurance staff should utilise social media and the influence it can have on the organization’s reputation. The IRDAI has requested that no unsubstantiated or sensitive information about the organisation be broadcast to the public via social media.
Employees are not permitted to use any social media site for business purposes unless they have obtained adequate training suggested by the organization’s corporate communication team, according to the guidelines. Employees are not permitted to utilise social media or discuss any unverified or confidential information about the organisation during office hours.
Employees are also prohibited from using social media platforms to report a service malfunction, file a complaint, or post anonymously or under a pseudonym. They should make it clear that they are posting as themselves and not on behalf of the insurance for which they work. Employees are also not permitted to discuss anything received on their official email ID without first obtaining permission from the insurer’s compliance team.
While using social media for personal reasons, employees should act in a way that benefits the company’s business and reputation. Employees should avoid criticising their employer online, avoid using official logos, email IDs, or other identification when posting on social media, follow other corporate standards, and be cautious of the privacy settings on their devices, according to the IRDAI.
The IRDAI’s new rules come in the midst of an upsurge in cybersecurity incidents in India, and the regulator hopes to fortify the insurance industry’s defences against cyber threats. The regulator seeks to protect an insurer’s trustworthiness and reputation by requiring workers to follow social media guidelines.