Children's Online Privacy Protection Act
TCPA Internal Do Not Call List
- cannot telemarket to residential phone numbers listed on the entity's Internal Do Not Call List even if an EBR exists (this list is separate from the National DNC Registry)
CAN-SPAM Email Addresses
- Do not send commercial email messages to addresses obtained: 1) by 'harvesting' from web sites / web services 2) through 'dictionary attacks' that generate possible email addresses
TCPA Recording Keeping Requirements
- after a sale to a customer is completed over the telephone, retain all relevant campaign records for 24 months from the date the record was produced
CAN-SPAM Compliance Requirements Email Content
- all commercials must contain: 1) Truthful header (From, To, Email Address) and subject info that is accurate and not deceptive 2) Clear and conspicuous identification that the message is an advertisement or solicitation 3) Physical postal address / P.O. Box of the sender 4) A functioning return email address / Internet-based response mechanism that allows the recipient to request no additional commercial email communications / unsubscribe from newsletters - the mechanism must not require recipient to submit add'l info beyond requestor's email address in order to honor the request and be free of charge
JFPA covers:
- all entities that engage in fax advertising
TCPA Telemarketing
- before presenting an ind w/ a sales offer by telephone (via outbound call / inbound up-sell call), state the following: - Your Name - The name of the person / entity on whose behalf the call is being made - a telephone number / address at which they may be contacted - the fact that you intend to make a sales offer
TCPA Telemarketing Calling Times
- can make telemarketing calls only between the hours of 8:00am and 9:00pm (local time of the party being called)
JFPA Requirements:
- can only send fax ads if the entity: 1) has an EBR w/ the recipient 2) Obtained the fax # from a directory / obtained express permission 3) Provides an opt-out in the fax that must: - be clear and conspicuous - on the first page of the fax - provide cost-free means to opt-out that is available 24 hrs / 7 days per week - Honor Do Not Fax requests w/in 30 days
TCPA Pre-Recorded Messages
- do not call any phone via an auto dialer to deliver an artificial or prerecorded voice w/out prior express consent of the called party, unless the call is made to a person w/ whom you have an EBR at the time the call was made - the FTC requires and automated key-press or voice-activated interactive opt-out so that consumers can opt-out as easily as if engaged in a live telemarketing call
CAN-SPAM Email to Wireless Domains
- do not send commercial email messages to wireless domains w/out express prior authorization
TCPA Automated and / or Predictive Dialer Calls to Cell Phones
- do not use an automatic telephone dialing system (or an artificial or prerecorded voice) to call any telephone number assigned to a paging service, cell telephone service or any service under which the called party is charged for the call w/out express consent
JFPA Fax Identifying Info:
- ensure that each transmitted page of a fax (or the top of the 1st page) provides identifying info including date, time sent, ID of the business, and fax # of the sending fax machine
TCPA Call Abandonment Rules
- ensure that no more than 3% of all calls answered by a person are 'abandoned' (not connected to a live operator w/in 2 seconds of the person's greeting) measured over a period of 30 days for each campaign
TCPA Do Not Call Policy
- entities performing telemarketing must maintain a Do Not Call Policy and provide it to consumers upon request
HITECH / HIPAA
- established privacy and security requirements for companies handling the personal health information of, or behalf of, its customers
HITECH / HIPAA Requirements
- must adopt policies and procedures to prevent, detect and contain security violations - maintain physical security of info and technical safeguards - BA must notify covered entity of breach of info w/out unreasonable delay and no later than 60 days after discovery - maintain required BA contracts est use and disclosure of info and appropriate info safeguards
TCPA Recording Requirements
- record all or part of certain types of telemarketing calls that result in the sale of products or services that involve novel or unusual payment offers, or are offered as free-to-pay or w/ negative payment options
TCPA Transmit Caller ID
- telemarketers must transmit caller's phone number (as well as, name, if technology permits), and the phone number transmitted must allow recipients to make a Do Not Call request during regular business hours
CAN-SPAM Email Opt-Out
- upon receiving a request to opt-out of commercial email, record and honor the request w/in 10 business days
HITECH / HIPAA Coverage:
-Covered Entity (health plan / health care provider) and Business Associate of a covered Entity - Individually identifiable protected health information maintained in any form / medium
TCPA Major Requirements National Do Not Call Registry
-cannot telemarket to residential phone numbers listed on the registry unless there is an Est Business Relationship (EBR)
COPPA Coverage:
-commercial websites that collect "personal information" from children under the age of 13
COPPA Requirements:
-provide notice on website of info collected from children; - advise how info is used and disclose practices - obtain verifiable parental consent before collection, use or disclose of child's personal info - cannot condition a child's participation in activity to disclose more info than is necessary to participate in activity - protect confidentiality, security and integrity of info collected - link to notice must be on same home page and at each area of the web site or online service where personal info is collected from children - provide a reasonable means for a parent to review the personal info collected and to refuse to permit its further use or maintenance
COPPA prohibits:
-unfair or deceptive acts / practices in collection, use and disclosure of personal information from and about children under age 13 on the Internet
COPPA
Children's Online Privacy Protection Act
CAN-SPAM
Controlling the Assault of Non-Solicited Pornography and Marketing Act 2003
EBR
Established Business Relationship -customer who has an open account -customer that closed an account had a transaction w/in the previous 18 months or consumers who has made an inquiry w/in last 90 days
HITECH Act
Health Information Technology for Economic & Clinical Health
HIPAA
Health Insurance Portability and Accountability Act
JFPA - 2005
Junk Fax Prevention Act
TCPA
Telephone Consumer Protection Act