Page 276 - Washington Nonprofit Handbook 2018 Edition
P. 276

•      Ensure that an advertisement’s “text, graphics, hyperlinks, or sound do
                              not distract consumers’ attention from the disclosure.”


                       If you sell other companies’ products on your website, be aware that the FTC
               may also hold you responsible for misleading ads and product descriptions, even
               when those materials are provided by the manufacturer.

                       b.     Children’s Online Privacy Protection Act


                       Nonprofit  organizations  that  collect  information  from,  or  is  attractive  to,
               children under thirteen, should be aware of the Children’s Online Privacy Protection
               Act,  which  requires  that  businesses  and  organizations  “obtain  verifiable  parental
               consent  for  the  collection,  use,  or  disclosure  of  personal  information  from
               children.”  15  U.S.C.  section  6502(b)(1)(A)(ii).    Even  if  your  site  is  not  targeted  at
               children, you could be subject to requirements under this law if you collect age or
               date of birth information during online registration and do not block children from
               registering.


                       c.     Health Insurance Portability and Accountability Act (“HIPAA”)

                       Nonprofit organizations that are hospitals or its foundation, must be aware
               of HIPAA.  Specifically, in the case of healthcare fundraising, hospitals cannot target
               segmented  fundraising  mail  to  former  patients  without  their  express  written
               consent.  For instance, if a person goes into the hospital as a cardiac patient, the
               hospital’s  fundraiser  or  foundation  cannot  target  that  former  patient  as  having
               been in the cardiac care unit without his or her written permission.


                       d.     Your Organization’s Privacy Policy


                              (i)    Online Privacy Protection Act (California State Law)

                       Owners  of  websites  anywhere  in  the  country  should  be  aware  of  the
               provisions of California’s Online Privacy Protection Act of 2003 (codified in Cal. Bus.
               Code sections 22575 - 22579), which went into effect July  1, 2004.  It requires an
               owner  of  a  commercial  website  or  online  service  (“operator”)  that  collects
               personally identifiable information through the internet about individual California
               resident  consumers  to  conspicuously  post  its  privacy  policy.    An  individual’s
               personally  identifiable  information  includes  his  or  her  name,  address,  e-mail
               address,  phone,  social  security  number,  identifying  information  that  enables
               physical or online contact with such individual, and other information collected and
               maintained  in  personally  identifiable  form  in  combination  with  the  preceding







               WASHINGTON NONPROFIT HANDBOOK                -265-                                       2018
   271   272   273   274   275   276   277   278   279   280   281