Effective Date: Jan 2025
Version: 1.0
1. PURPOSE
This Social Media Policy establishes guidelines for the responsible, ethical, secure, and compliant use of social media platforms by employees, contractors, consultants, representatives, partners, and authorized users of Ilera EHR, a product of Xpress Access Data Solution (“the Company”).
As a healthcare software company handling sensitive healthcare and operational information, the Company recognizes the importance of protecting confidentiality, maintaining professionalism, safeguarding patient and customer trust, and ensuring compliance with applicable laws and regulations.
2. SCOPE
This Policy applies to:
- Employees
- Contractors
- Consultants
- Temporary staff
- Interns
- Vendors acting on behalf of the Company
- Authorized representatives
- Official Company social media accounts
- Personal social media usage where it impacts the Company
This Policy applies to all social media platforms including but not limited to:
- X (Twitter)
- TikTok
- YouTube
- Telegram
- Blogs and online forums
- Community platforms
- Any future social networking or digital communication platform
3. OBJECTIVES
The objectives of this Policy include:
- Protecting confidential and sensitive information
- Preserving the Company’s reputation and integrity
- Promoting responsible online behavior
- Preventing unauthorized disclosures
- Ensuring compliance with legal and regulatory obligations
- Maintaining professional communication standards
- Reducing cybersecurity and reputational risks
4. GENERAL PRINCIPLES
All personnel must:
- Act professionally and respectfully online
- Avoid posting false, misleading, offensive, discriminatory, or harmful content
- Protect confidential business and healthcare information
- Avoid unauthorized public statements on behalf of the Company
- Comply with all applicable laws and policies
- Respect intellectual property rights
- Exercise good judgment when discussing work-related matters online
5. CONFIDENTIALITY AND HEALTHCARE INFORMATION
Personnel must not disclose or publish:
- Patient information
- Medical records
- Health-related data
- Confidential customer information
- Proprietary software information
- Internal operational details
- Security configurations
- Credentials or access information
- Financial information
- Non-public business strategies
- Confidential communications
No patient-related information may be shared on social media without proper authorization and lawful basis.
6. OFFICIAL COMPANY SOCIAL MEDIA ACCOUNTS
Only authorized personnel may:
- Create official Company accounts
- Publish official statements
- Respond to media inquiries
- Represent the Company publicly online
- Access administrative social media credentials
Official communications must:
- Be accurate and professional
- Align with Company branding and messaging
- Comply with legal and regulatory requirements
- Avoid misleading or deceptive claims
- Protect confidential information
7. PERSONAL SOCIAL MEDIA USE
The Company respects employees’ personal use of social media. However, employees must:
- Avoid implying personal opinions are official Company positions
- Avoid reputational harm to the Company
- Avoid harassment, discrimination, or unlawful conduct
- Avoid disclosure of confidential information
- Avoid unauthorized use of Company logos or branding
Employees should make clear when opinions expressed are personal.
8. PROFESSIONAL CONDUCT
Personnel must not use social media to:
- Harass or bully others
- Spread misinformation
- Engage in hate speech or discrimination
- Share offensive or inappropriate content linked to the Company
- Defame individuals or organizations
- Violate intellectual property rights
- Engage in unlawful activities
9. CYBERSECURITY AND SECURITY RISKS
Personnel must exercise caution regarding:
- Phishing attempts
- Malicious links
- Fake accounts
- Social engineering attacks
- Credential theft
- Unauthorized access requests
Company passwords, authentication information, and internal systems must never be shared through social media platforms.
10. USE OF COMPANY BRANDING
Company logos, trademarks, screenshots, product visuals, and branding materials may only be used in accordance with Company authorization and branding guidelines.
Unauthorized use of Company intellectual property is prohibited.
11. COMPLIANCE WITH LAWS AND REGULATIONS
Personnel must comply with:
- Data protection laws
- Healthcare confidentiality obligations
- Intellectual property laws
- Employment obligations
- Defamation laws
- Cybersecurity regulations
- Advertising and consumer protection laws
- Applicable professional ethics obligations
12. REPORTING CONCERNS
Personnel should promptly report:
- Suspected data breaches
- Impersonation accounts
- Security concerns
- Unauthorized disclosures
- Fraudulent activities
- Reputation threats
- Harassment or abuse involving Company platforms
Reports should be made to:
- Compliance Team
- Information Security Team
- Human Resources
- Management
- Data Protection Officer
13. MONITORING
The Company reserves the right to monitor official Company social media platforms and investigate activities that may violate this Policy or applicable laws.
Monitoring shall be conducted in accordance with applicable legal and privacy obligations.
14. VIOLATIONS
Violations of this Policy may result in:
- Disciplinary action
- Suspension of access privileges
- Employment consequences
- Contract termination
- Legal action
- Regulatory reporting where applicable
15. POLICY REVIEW
This Policy may be updated periodically to reflect:
- Regulatory changes
- Technological developments
- Business requirements
- Emerging security risks
16. CONTACT INFORMATION
For questions regarding this Policy, contact:
Xpress Access Data Solution
xadsolutions@gmail.com
https://ileralife.com