Social Media Policy

This policy establishes expectations for employee use of social media to:

• Protect the company’s reputation, confidential information, intellectual property, and business relationships.
• Promote respectful, lawful, and professional online conduct.
• Clarify who may speak on behalf of the company and how official channels are managed.
• Preserve employees’ rights under NLRA Section 7 to engage in protected concerted activity, including discussing wages, hours, and working conditions.

This policy is intended to be applied consistently with applicable federal, state, and local law, including the National Labor Relations Act, Title VII of the Civil Rights Act of 1964, and the Fair Labor Standards Act (FLSA).

This policy applies to all employees, contractors, temporary workers, interns, managers, and supervisors when they:

1. Use social media during working time or using company resources.
2. Post, share, comment, message, or otherwise communicate about the company, its employees, customers, vendors, or business.
3. Manage or contribute to official company accounts.
4. Identify themselves as affiliated with the company on a personal account.

This policy applies whether the content is created on or off duty, on company or personal devices, and whether the platform is public or private.

For purposes of this policy:

• Social media includes public platforms, private groups, direct messages, blogs, forums, video-sharing sites, livestreams, review sites, and similar digital channels.
• Protected concerted activity means employees acting together, or on behalf of others, to discuss or address wages, hours, or working conditions.
• Confidential information includes non-public business, customer, employee, financial, operational, and trade secret information.
• Official company account means any account authorized to represent the company.
• Personal account means any account used in an individual capacity and not authorized to speak for the company.
• Reasonable accommodation requests related to disability, religion, or other protected needs must be handled through the company’s interactive process and should not be discussed publicly if doing so would disclose private medical or personnel information.

Employees are expected to use good-faith judgment when engaging on social media. The company prohibits social media activity that:

• Discloses confidential information, trade secrets, non-public financial data, customer data, or employee personal information.
• Creates a false impression that the employee is authorized to speak for the company.
• Harasses, threatens, discriminates against, or retaliates against any person based on a protected characteristic under EEOC laws, including race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, or genetic information.
• Uses company logos, trademarks, copyrighted materials, or official branding without authorization.
• Interferes with job performance, workplace safety, or the company’s ability to meet business obligations.
• Violates law, court orders, contractual obligations, or other company policies.

The company will not discipline employees for lawful, protected speech, including protected concerted activity under NLRA Section 7, even if the content is critical of the company, provided the employee does not disclose confidential information or engage in unlawful conduct.

1. Personal Use

Employees may use personal social media accounts during non-working time, subject to this policy and other company policies. Employees should not use company time, equipment, or network resources for excessive personal posting.

2. Official Company Accounts

Only authorized employees may create, access, post to, or manage official company accounts. Authorized users must:

• Use approved branding and messaging.
• Follow the company’s content approval process.
• Protect login credentials and enable multi-factor authentication where available.
• Immediately report suspected account compromise, impersonation, or unauthorized access.

3. Speaking About the Company

Employees who identify their employment relationship online should make clear that views are their own and not the company’s, unless they are specifically authorized to speak on behalf of the company. Employees may not imply company endorsement without approval.

4. Confidentiality and Privacy

Employees must not post screenshots, internal messages, customer records, patient information, personnel matters, or other non-public information. If a post may include personal data, the employee must remove or mask the information before sharing.

5. Respectful Conduct and Anti-Harassment

Employees must not use social media to harass, bully, threaten, or discriminate against coworkers, customers, vendors, or applicants. Content that would violate the company’s anti-harassment or equal employment opportunity policies is prohibited.

6. Protected Speech and Escalation

If an employee believes a post, comment, or discussion involves wages, hours, safety, staffing, or other working conditions, the matter should be reviewed in good faith before any discipline is issued. Managers must consult HR or Legal before taking action that could affect protected concerted activity.

7. Crisis Response

Only designated spokespersons may respond publicly to incidents, emergencies, investigations, litigation, or media inquiries. Employees must route questions from journalists, customers, or regulators to the Communications or Legal team.

• Employees: Use social media responsibly, protect confidential information, and report suspected misuse, impersonation, or account compromise.
• Managers and supervisors: Model compliant conduct, avoid overbroad restrictions on protected speech, and escalate potential violations to HR.
• HR: Review complaints, coordinate investigations, and ensure discipline is consistent, documented, and compliant with NLRA, EEOC, and wage-hour requirements.
• Legal/Compliance: Review high-risk matters, including public incidents, defamation concerns, trade secret issues, and any matter involving protected concerted activity.
• Communications/Marketing: Manage official accounts, approve brand messaging, and maintain access controls and content standards.
• IT/Security: Support account security, access management, and incident response for compromised or impersonated accounts.

Violations of this policy may result in corrective action up to and including a documented warning, removal of content, suspension of access, a performance improvement plan (PIP), or termination, depending on the severity of the conduct and applicable law.

Before discipline is issued, the company will conduct a good-faith review of the facts, including whether the activity may be protected under NLRA Section 7 or otherwise protected by law. Discipline must be based on legitimate business reasons and applied consistently.

Where appropriate, the company may also require:

• Immediate deletion or correction of prohibited content.
• Retraining on confidentiality, harassment prevention, or brand standards.
• Revocation of access to official accounts.
• Referral to law enforcement or regulators if required by law.

Nothing in this policy is intended to restrict rights protected by law, including the right to discuss wages, hours, or working conditions, to report unlawful conduct, or to engage in other protected activity.

California employees: This policy must be applied consistently with California labor, privacy, and wage-hour laws, including protections for lawful off-duty conduct where applicable and privacy limits on employee monitoring.

New York employees: Reports of retaliation or whistleblowing concerns should be handled consistently with applicable whistleblower protections, including NY Labor Law Section 740 where relevant.

Illinois employees: Scheduling, attendance, and rest-break related issues should be coordinated with applicable wage-hour and rest-period requirements, including the One Day Rest in Seven Act where applicable.

Washington employees: Paid sick leave and protected leave-related communications should be handled consistently with the Washington Paid Sick Leave law and related leave policies.

If a local law provides greater protection than this policy, the local law controls.

This policy will be reviewed at least annually and updated as needed to reflect changes in law, platform practices, business operations, or enforcement guidance.

The policy holder is responsible for maintaining the current version, documenting revisions, and ensuring employees receive notice of material changes. Employees may be required to re-acknowledge the policy after significant updates.