*Asked & Answered
Asked - Is it common for an association to create a website and share certain information via this website with owners/residents of the community? If yes, what are the regulations?
Answered - Yes. A community website can be a valuable and effective communication tool by allowing residents to access homeowner association ("HOA") information 24 hours a day, seven days a week. While there are no specific regulations regarding HOA websites, there are a few pitfalls that should be avoided when sharing community information in a public forum.
A typical HOA website will provide informational tools to the residents, including access to HOA documents, calendar of events, board meeting agendas, contact information, etc. The board may post most of these items within a public area of the website. However, some items will need to be housed in a secure location. For example, access to the HOA's CC&R's, Bylaws, and other governing documents should be restricted to a "Members Only" location of the site, and be protected via a user name and password.
The board may also consider posting disclosure notices, such as the Annual Budget Report, Annual Policy Statement, and other community-wide disclosures on the site. As noted above, these documents should be contained within the "Members Only" section of the website. The HOA would still be required to provide these notices to the membership per the General Delivery requirements outlined in Civil Code § 4045; however, keeping a copy on the website provides the members with a quick and convenient location to obtain additional copies, if necessary.
If the HOA allows its members to review assessment account information, or pay assessments online, the members will need to able to access a secure area of the website in order to protect their private information. To protect the HOA from liability from data breaches, be sure to utilize a payment vendor that is PCI Compliant. PCI Data Security Standards include requirements to maintain a firewall to protect cardholder data, encrypt transmission of cardholder data, use and regularly update anti-virus software, assign a unique ID to each user, and regularly test security systems, among other things.
Blog post authored by Tinnelly Law Group's Director of Business Development, Ramona Acosta.
To submit questions to the HOA attorneys at Tinnelly Law Group, click here.