CASL enforcement is now just 2 weeks away and I’m sure there are lots of little things to get in place. Lets quickly check the things you need to have in place to make sure we haven’t missed anything.
- Data collection sources – You have reviewed and identified all the data collection points in your marketing communication programs from Point of Sale to web forms and event based collection practices (fishbowl and paper forms).
- Data sending sources – You have a clear understand of all your output sources, if this is unclear for email consider turning on DMARC in reporting mode to get a better picture of your email landscape). This includes messages sent by email, SMS/MMS, Social networks, Instant messaging and other digital channels.
- Communication to upgrade consent – Most marketers will be able to carry their existing consents forward into the three-year transition period, but addresses with no tracking or no consents should be re-permissioned prior to July 1st. I’m amazed at the number of businesses doing this that simply should not be and are severely impacting their mailable contacts. Companies that I have already given express consent to – which is grandfathered under CASL
- Updated Scripts for Verbal Consent – Training and new scripts should be underway or already in use for your verbal consents. Welcome programs should also be in place or in testing to reaffirm the prescribed information required under CASL.
- Contracts and partners – Legal documentation between you and your vendors should be in progress or completed at this time. Simply outlining the requirements and who is responsible for which portions of the law should be made clear. In most cases your vendors will be looking at you to keep up compliance for sending, but if you have affiliates or data collection partners you should be holding them to a higher standard under CASL.
- Upgrade sharing tools – Forward to a friend could be a giant legal nightmare, consider your sharing programs and upgrade to social sharing vs email sharing. These types of solutions have been less popular for the last few years anyway as social media have become the prefered way to share your content.
- Data flow and suppression management – Looking at how data flows in your system and how lists are screened for compliance before deployment should be completed and in testing mode now. Data management will remain a key factor in Compliance with the law and should be well documented and tested frequently.
- Compliance and Monitoring – Solutions should be in testing and documentation mode. Processes for compliance failure should be drafted and made available for the team to review. Well documented process and workflows can be a key part of your due diligence program under CASL.
There is still time to make chances and accomplish many of these items in the next 14 days. But if you can only get to three of them I would recommend looking at your templates, forms and data management processes as a starting point.