Understand the difference between static and interactive communications.

Static social media content, as the word suggests, is anything that only you can change. To the extent such content is promotional or solicits an action, it is considered advertising and, depending on the industry, may be subject to preapproval.

Interactive content is generally in real time, involves more than one party, and often includes third-party posts. It is not subject to preapproval, and the host site is typically not responsible for post content, with some critically important exceptions.

Don’t tinker, entangle or adopt.

As soon as you tinker with the message in content that has been posted to your site, you may very well move from being the protected operator of the site to being responsible for problematic content. As our friend Jim Quinn, an expert in technology and intellectual property law, puts it, “As long as your site serves merely as a bulletin board, you are unlikely to be held responsible for third-party content. But edit the message, and you may unwittingly become the legally exposed author.” (True for all industries, not just regulated ones.)

Then there are what FINRA (Financial Industry Regulatory Authority) calls the “entanglement” and “adoption” theories. If you are at all entangled in the preparation of the content, you’re accountable for it. If you explicitly or implicitly adopt the content, it’s attributable to you. Either way, you and anyone representing you are on the hook.

Keeping a name private can still violate HIPAA.

Under HIPAA (Health Information Portability and Accountability Act), healthcare and insurance providers can be held liable for posting third-party content, even where patients or policyholders aren’t named. A posted x-ray with just the image, but no name, caused problems for one provider. Another post that contained the location of an accident was determined to be enough to identify the victim, who was a patient. Even if such information emanates from a third party, you need to be vigilant, or risk being liable.

Don’t throw anything away.
A principal concern of FINRA and the National Association of Insurance Commissioners (NAIC) is that a company’s affiliated advisors and appointed insurance agents will go rogue. So they require these companies to archive all important correspondence, social media being no exception.

This is hardly an onerous principle, but it does present logistical challenges. Which is why there are now a number of technology applications that record and store social content as soon as it is created, with privacy, retention and retrieval functionality that helps you pass regulatory muster.