The ABC’s of Email Regulations | Striata

The ABC’s of Email Regulations


Email may be one of the fastest growing communication channels that we have today, so it’s not surprising that so many companies use it as a main form of customer communications. What they learn, however, is that sending emails is not as easy as it may seem. There are actually a lot of rules and regulations around email distribution that have to be followed by all ESPs. I can already imagine your heads hitting the keyboards, as you fall asleep at the mere mention of email regulations!

Instead of providing naptime material, I hope to keep you engaged by taking you through a few steps explaining the ABC’s of Email Regulations.


A is for Anti-SPAM regulations, as in CAN-SPAM compliance. Senders can face large fines if they don’t follow these regulations:

  • Don’t use false or misleading header or subject line information
  • Tell recipients where you’re located
  • Tell recipients how to opt-out of receiving your emails
  • Honor opt-out requests within 10 days

B is for Best Practice. Including unsubscribe functionality in an email is a great example. While many types of transactional emails don’t require an unsubscribe option, you should always present one and make it easy for end users to act on it.

C is for CASL, Canada’s Anti-Spam Legislation. If you are sending emails to or from Canada, you need to be aware that CASL takes your basic CAN-SPAM compliance to another level by adding these requirements:

  • Explicit or implicit consent
  • Companies must retain a record of consent confirmations

D is for data, as in “electronic protected health information” (e-PHI) pertinent to HIPAA regulations. HIPAA is the Health Insurance Portability and Accountability Act, and it aims to protect the confidentiality and security of healthcare information. There are 5 categories of requirements that relate to email:

  • Access controls: who can access e-PHI
  • Audit controls: safely storing e-PHI
  • Integrity: ensuring there is no tampering with or destroying e-PHI
  • Transmission security: safely sending e-PHI
  • Authentication: the correct recipient must receive e-PHI

E is for the eSign Act. eSign states that electronic signatures, contracts, and other records relating to “transactions in or affecting interstate or foreign commerce” have the same weight and force in law as their paper counterparts. So, go ahead and give recipients the option to sign their documents or policies electronically!

F is for Federal Trade Commission (FTC) ‘Red Flags’: potential patterns, practices, or specific activities indicating the possibility of identity theft. Companies must comply by taking specific steps to limit the risk of identity theft for existing customer transactions. If you are sending emails on behalf of creditors or financial institutions, make sure sufficient authentication methods are in place to safeguard the attached confidential documents, such as bills, statements or policies.

G is for guidance. When in doubt, ask an expert! We are always happy to help you navigate through email rules and regulations, so you can deliver your email campaigns successfully!
