How to Create a CASL Compliance Program
Organizations should create a CASL compliance program to reduce the risk of sending electronic messages that could be considered SPAM.
The Canadian Anti-Spam Law (CASL) was designed to protect Canadians from spam and other electronic threats that lead to harassment, identity theft and fraud. Businesses, charities, and not-for-profits of all sizes are at risk if they do not comply with CASL regulations.
Having a risk-reducing strategy, such as a CASL compliance program, will help reduce the likelihood of violations, which can cause significant monetary loss if fined due to non-compliance. If someone does present a complaint, the program will help businesses establish a due diligence defence when the case is investigated.
STEPS TO CREATING A CASL COMPLIANCE PROGRAM
Steps below are recommendations on how a small businesses or not-for-profit can create a simple program to assist them as they do their due diligence in meeting the requirements of the Canadian Anti-Spam Law.
1. Appoint someone to be in charge of the program
This person’s role will be responsible for the CASL compliance program for your organization; to be aware of the requirements, including any future changes, and ensure that the policies and procedures are in place.
2. Conduct an Assessment
The first task of the CASL compliance officer should be to conduct an assessment to see what procedures and policies of the organization must comply with CASL regulations.
3. Create a Policy to ensure Compliance
To help reduce the risk of being non-compliant, the point person in charge should then adjust or create new policies and procedures to ensure the organization is following the CASL regulations. These should be put into writing and made accessible to all levels of the organization, especially management. The person in charge should review the program regularly and update as needed.
Example - http://canadacouncil.ca/about/public-accountability/canadian-anti-spam-legislation
4. Getting started on a CASL Compliance Program
establish internal procedures for compliance
develop internal communication and training programs needed to ensure compliance
establish auditing and monitoring mechanisms
establish procedures so that 3rd parties, such as subcontractors and partners, are compliant
make sure consent is recorded
create a mechanism so that employees can provide feedback into the program.
READ MORE ABOUT CASL COMPLIANCE
Compliance and Enforcement Information Bulletin CRTC 2014-326
News Release (June 7, 2017) The Government of Canada is suspending the implementation of certain provisions in Canada’s anti-spam legislation (CASL) in response to broad-based concerns raised by businesses, charities and the not-for-profit sector. > Read More
Note: The information in this blog should be considered guidelines only. A full letter of the law can be found here. A summary of the Canadian Anti-Spam Law can be found on a previous article written here.