CASL’s intended effect is to deter and prevent deceptive and damaging forms of spam and Internet practices. The legislation deals with how, when, where and why you are authorized to send commercial electronic messages (CEM) that are intended to solicit any kind of business relationship.
In a nutshell, you are required to:
- Obtain specific permission from your patients and potential patients before you can legally send them electronic messages about your services.
- Maintain records of consent to prove you have received permission from them to receive CEMs.
- Remove patients from your mailing list if you have not done business with them for two years, unless you obtain permision again.
Expressed permission is where a patient or potential patient has formally “opted-in” to receive commercial messages from you. They may check a box on your website, complete a website form or otherwise give you a provable permission to receive your electronic messages. This is the strongest form of consent as it is very clear what your patient’s intent is with respect to you marketing to them.
Implied permission is when consent is not actually stated but it is inferred by another action taken by your patients. For example, when you already have an existing business relationship with a patient it is implied that they expect on-going business-related communications from you. When they book an appointment online with you it is implied they agree to receive confirmations from you. You should ensure your email confirmations include an “unsubscribe” option. Implied permission can also include persons whom you may not even know, but their business and duties are relevant to your business and their contact information has been made publicly available to you (on a business card, website address etc.).
Implied permissions expire two years after your last business transaction with the patient.
Existing patients that book online already have given you implied consent. The concern you have is with new and potential patients. It can be easy for you to obtain and store expressed permission from your patients without deviating from your regular day-to-day practices. Here are a couple of ideas you may want to consider.
- You are required to obtain signed treatment consent from your patients before you treat them. Why not add a checkbox to this form that asks for permission? Something like, “I understand and agree that as part of my on-going care, I may receive communications from you electronically or otherwise about my treatment and related services.” Once checked, this would qualify as expressed permission for you to communicate with them about your business and services.
- An example of implied consent is when a new patient visits your website and requests an online appointment with you. Your online booking system saves and stores this interaction. When the patient attends their first treatment you can enact #1 (above).
- All the commercial email you send to your clients must contain the full name of the sender along with valid address and contact information. You are likely already doing this, as it makes sense to provide your patients with a way to get in touch with you. That said, with CASL it is no longer an option.
- All of your commercial messages must provide the recipient with a working mechanism (automated or manual) for them to opt-out of receiving any further electronic correspondence from you. It is also very important that you monitor, store and honour all unsubscribe requests within 10 days to ensure CASL compliance.
Jessica Foster writes on behalf of mindZplay Solutions, provider of massage therapy websites and practice management solutions. To learn more, visit www.massagemanedger.com