EDIT: Sorry for missing week 6 – my auto-post schedule didn’t trigger like it should have.
This week is all about reviewing your third-party contracts to make sure that these organizations are required to be CASL compliant. In many cases existing contracts will need to be revised; so, make sure this is done well in advance of July 1st to give ample time for implementation. Also, this week we encourage you to look internally to develop new internal compliance monitoring programs to make sure that proper checks and balances are implemented, certifying all processes are compliant under the new law.
- Review Third Party Contracts
- Establish a checklist and revise contracts with third parties to require compliance with CASL.
- Review contracts to make sure they contain a “representation & warranty” that the email list was assembled/maintained in compliance with CASL.
- Review and update services contracts with emarketing outsourced to third parties to ensure they comply with CASL.
Develop internal compliance monitoring program
- Identify sign off, deployment and logging processes
Build record keeping systems
- Track who is responsible for each deployment to make internal auditing easier
Begin planning for “Fire Drill” scenario
- What is your investigation process should you internally identify your emails are non-compliant or you mistakenly deploy a message in violation of CASL?