The American Society of Anesthesiologists (ASA) is the professional home for more than 60,000 members—the majority of whom are practicing anesthesiologists and anesthesiologists in-training. The ASA's digital presence is a critical resource: members come to the site to stay informed, review standards and guidelines, and access the education they need for lifelong learning and to maintain their certification.
For Gonzo Schexnayder, the ASA's Product Management Executive, the mission is clear: "Our goal is to help our members get the information they need, as quickly as possible, so they can help their patients." That means every element of the digital experience, including how member data is collected and protected, must reflect the same standard of care that ASA's members bring to their patients.
The ASA's members don't just work in organizations that take privacy seriously—they work in environments governed by HIPAA. They understand the consequences of data mishandling more viscerally than most. That context shapes how ASA thinks about its own privacy obligations across its digital properties.
Before implementing Osano, the ASA had already established a thoughtful approach to privacy—maintaining GDPR acknowledgements on login and registration forms, regularly reviewing its privacy standards and terms of use, and continuously evaluating ways to strengthen member trust and transparency. As privacy expectations and regulations evolved, the ASA identified an opportunity to build on that foundation with more sophisticated consent management capabilities.
Cookie consent presented an area for enhancement. The ASA wanted greater visibility into different categories of cookies, more granular preference controls for members, and the flexibility to tailor consent experiences to an increasingly complex landscape of state-level privacy regulations.
"We were looking for ways to take our privacy program to the next level," Schexnayder acknowledged. "Our existing processes reflected our commitment to protecting member data and being transparent about our practices. Osano’s cookie consent solution gave us additional tools to provide members with more choice and control, while helping us scale our approach as privacy expectations continue to evolve."
As privacy regulations expanded across the United States, the value of a more robust consent management solution became increasingly clear. The ASA's data governance team was already monitoring legislative developments, and as new state-specific requirements emerged alongside frameworks such as the GDPR and CCPA, the organization recognized the benefits of a scalable solution that could adapt to a rapidly changing regulatory environment.
"Our team was already monitoring privacy developments, but the vendor evaluation process gave us a deeper appreciation for how diverse state requirements were becoming," said Schexnayder. "It reinforced the importance of having tools that could adapt as the regulatory landscape continued to evolve."
A small team of ASA staff evaluated multiple vendors before selecting Osano. The evaluation framework was shaped by the ASA’s product-led culture. That meant they were not looking for a tool that just checked compliance boxes on paper. They were looking for something that delivered a genuinely good member and staff experience—and that wouldn't require the ASA's legal team to become privacy law experts to operate it.
If a privacy solution is difficult to implement, then it doesn't matter what it's capable of. The ASA wanted a privacy solution that could support their compliance straight away, and they found that in Osano. "The installation was really easy,” said Schexnayder. “It's a single line of code and our implementation rep walked us through configuration." From there, the team worked through bucketing and categorizing the cookies the platform identified.
The hands-on support from Osano's implementation team made the process quick and painless. "Our team had all the help that they needed, and we got all our questions answered," said Schexnayder. "It was a pretty simple experience."
The ASA deployed the code, classified a small batch of additional flagged cookies in the days immediately following launch, and were up and running within two weeks. Since then, the platform has required minimal ongoing attention.
The impact of switching to Osano has been felt across the ASA's privacy program—not through dramatic interventions, but through the steady, quiet confidence that comes from knowing a critical piece of your compliance infrastructure is working.
Members have more control: Since installing Osano cookie consent tools, ASA members can now choose the types of cookies they want: those necessary for site functionality and optionally, those tied to advertising or analytics. "We wanted to give our members the option to pick and choose how they wanted to interact with our digital content, and Osano allowed us to do that," said Schexnayder.
The legal team spends less time monitoring privacy regulations: Osano's compliance guarantee and automated state-specific updates mean the ASA's legal team doesn't have to monitor the regulatory landscape independently. Their legal team already had a full plate between managing member privacy, product compliance, and data governance. They can now focus on strategic work rather than regulatory surveillance.
Day-to-day management is minimal: "There's really not a lot to think about," said Schexnayder. "We get an email that lets us know if we have new configurations at launch. Mostly we don't because we control everything through Google Tag Manager." The tool operates in the background, doing its job without demanding attention.
No fuss, no muss: Since launch, Schexnayder is not aware of any member complaints or support contacts related to cookie consent. That silence speaks volumes. "Our members don't call us when they can accomplish their goals on the website—they call us when they can't, when something's broken. And my team, which manages member experience issues, has not heard of one about cookie consent. So that tells us that it's working and it's doing what it's supposed to do."
A higher standard of compliance without the complexity: Since implementing Osano, Schexnayder and the ASA team have felt the confidence that comes from knowing their compliance is in good hands. "The fact that we enhanced our privacy program while keeping the experience simple for members is a big win for us," said Schexnayder. Without the burden of managing a complex solution, the ASA has been able to focus on serving their members; not endless configuration work, support calls, or legal research.
For organizations in healthcare and adjacent industries evaluating consent management solutions, Schexnayder has a clear message:
"Understand the variability of privacy and compliance requirements by state. Organizations should evaluate whether a one-size-fits-all consent approach adequately reflects the growing variation in state privacy requirements. Having a single cookie consent form with a general statement may not be as protective as Osano’s approach to tailoring compliance specific to where users live."
Many organizations—particularly those focused on HIPAA compliance—may not realize how many additional state-level requirements now exist beyond the GDPR and California's laws. The compliance landscape has grown far more complex, and the expectation that a single blanket policy will provide adequate protection is increasingly out of step with regulatory reality.
For a healthcare association whose members hold privacy as a professional and ethical value, the ASA knew that having a consent platform sophisticated enough to match those standards wasn’t just a nice-to-have. It was the only acceptable option.
Ready to give your members or customers the privacy experience they deserve? Book a demo with Osano today