It’s Annual Check-Up Time! How’s Your Company’s Data Privacy Health?

March 2, 2021

By Senny Boone, Lisa Shosteck

As we release the latest ANA Annual Ethics Compliance Report, reflect on 2020 and implement our plans for growth for 2021, now is the perfect time for a data check-up to see if there’s any areas that need to be tightened up and improved. We can’t help but think of our own health check-ups as we navigate through such extenuating circumstances. So while you’re making your own annual check-ups, don’t forget to schedule an annual check-up for your company. It’s time to take a look at your company’s or organization’s “health” with respect to data, marketing and ethics.

 

Step One: Examine your data information collection and protection practices.

Do an audit of your data practices. Ask the following questions:

• What types of data are you collecting?
• Is the data you are collecting relevant?
• How long are you keeping the data?
• Is the data protected and secure?
• Who are you sharing the data with?

 

Step Two: Review applicable global, federal, state requirements and take a closer look at what types of data you are collecting and from whom.

Certain data is sensitive and protected under federal laws/regulations. Additionally, certain states and countries have laws and regulations regarding use of data.

• Health Data: Covered by Health Insurance Portability and Accountability Act (HIPAA)
• Children’s Data: Covered Children’s Online Privacy Protection Rule (COPPA)
• Financial Data: Covered by Gramm-Leach-Bliley (GLB)
• Data from California: Covered by California Consumer Privacy Act (CCPA) and California Consumer Privacy Rights Act (CPRA)
• Data from other countries: ANA does offer a dispute resolution service for Privacy Shield to members and nonmembers. If you have questions about the ANA Privacy Shield program — one of the mechanisms to allow you to transfer data from EU or Switzerland to the United States, please contact us. We are still offering this service as the U.S. Department of Commerce works with its EU and Swiss counterparts to address any outstanding concerns.

 

Step Three: Review and update your privacy policy notice.

• Is your notice easy to find, read and understand?
• Does your notice accurately reflect what types of data you are collecting, who you are sharing it with, how you are protecting the data and how a consumer can access the data and contact to you with their marketing preferences?
• Are all categories of marketing data covered? Explain what types of data you’re collecting and using across the spectrum of your online and traditional marketing efforts. Provide proper notice and choice to consumers.
  • Digital: Interest-based advertising, cookies (first or third-party usage), etc. Review Digital Advertising Alliance’s principles and opt-out tools.
  • Direct Mail: Do you employ best practices for list hygiene and management? For instance, by subscribing to DMAChoice — a suppression file of consumers/prospects who don’t want to receive promotional mail you’ll reduce your mailing costs and strengthen your brand by honoring consumers’ marketing preferences.
  • Email: Do you have a working unsubscribe mechanism in each email that goes out? Are you honoring opt-outs within 10 business days to be CAN-SPAM compliant? If you are emailing to subscribers in the EU be sure you are GDPR-compliant, and in Canada, CASL-compliant.
• Don’t make your privacy policy overly legalistic and ensure your marketing team reviews it for clarity.

 

Step Four: Review the 2020 ANA Ethics Compliance Report.

Download our latest report to view the scope and types of complaints we’ve processed in 2020 at the staff and Committee levels. Learn what consumers are most concerned about, as well as the types of education and guidance we provide to companies and consumers. Here’s a snapshot:

Be sure to check out the full report and companies found to be out-of-compliance.

 

Step Five: Knowledge-share and connect by getting involved in ANA Ethics Committees.

We have two great Ethics Committees to get involved in:

1. ANA Ethics Policy Committee: shapes best practices and get latest updates on policies and regulations related to ethical standards and compliance across marketing ecosystem.
2. ANA Ethics Review Committee: reviews and recommends actions on marketing and ethics complaints and educates companies and consumers.

Please contact us if you want to get more involved in ANA ethics issues. If you have questions or concerns regarding a marketing issue, you can view our accountability compliance materials online, and/or you may file an ethics marketing complaint. Please submit the appropriate complaint form and include any relevant supporting documentation or screen shots for our staff and/or our Ethics Committee to review.

Follow these five comprehensive steps to pass your company’s ethics wellness check-up with flying colors.