The General Data Protection Regulation (GDPR) is a set of new laws for Europe dealing with the privacy of consumers. It’s specifically focused on citizens of the European Union and how businesses will handle data for them.
HOWEVER – Don’t think this doesn’t mean you. The entire Internet will be affected because the EU wants the law to apply to any website that a citizen of the EU can visit. This specifically applies to any website that stores data about their visitors.
This includes even simple things like getting someone to sign up for your newsletter, comment on a blog post, or send you a simple contact form. This data is not always stored; it depends on the plugin you use, and it may not be stored by your website at all, e.g. you may be using a 3rd party like MailChimp. However, according to what I can figure out – the EU will still consider it your responsibility.
How likely is it that an EU visitor will interact with your site?
How likely is it that they would have a problem and set the EU web police on to you?
Who can say – that’s your risk to calculate. My job is to let you know this is coming and assist you in figuring this stuff out. It’s always good business practice to have a “Policy” or “Privacy” document in place on your website anyway, so why not go ahead and consider some small measures to CYA? The new law asks that a business specifically state what data it collects, where it is stored and what it is used for. The document should also lay out what someone can do to have that data deleted if they choose.
This is what I have gleaned so far:
GDPR comes into effect May 28, 2018.
If you can believe this – the fine for non-compliance is up to 4% of annual global turnover or €20 Million (whichever is greater).
The EU can block your website (in Europe I believe).
Businesses that are public authorities, engage in large scale systematic monitoring, or engage in large scale processing of sensitive personal data will need a Data Protection Officer (DPO) – this is not you 🙂
You’ll need to assess the risk of your data and take extra precautions to protect it.
My advice, for what it’s worth:
Put together a policy document that we can put on the website – CYA.
Don’t collect any info you don’t actually need.
Delete data you don’t need to keep long term to ensure it isn’t at risk.
There are plugins now available to assist with compliance and data deletion (by site visitors).
Even with the extra cost of completing this work, the data you collect is still good to have because you can target your audience better. You can advertise to your actual audience without having to make costly guesses about who they are and what they’re interested in.
This shouldn’t be a big job, unless you want it to be, so give me a call or email and we can talk about it and figure out what you need.
Attacks launched against WordPress websites continue to increase with the recent announcement of multiple plugin and theme vulnerabilities. These malicious hackers vary from the idiotic to the, well, frankly, evil. If they can gain access to your website they may, no WILL, wreak havoc. Google will put up a Malicious Site Warning and you are done until you can get cleaned up and the site reviewed and cleared.
As your trusted web services company, we urge you in the strongest possible terms to please take some precautions to protect your investment, your reputation and your business. There are a few simple things you can do TODAY – NOW to reduce your risk:
# 1 – Upgrade your WordPress version, your plug-ins and any WP themes to the newest versions available.
# 2 – Update your main admin login from the generic “admin” to something else, AND change your passwords to something much more complex and therefore more secure. Use upper & lower case letters, AND numbers, AND symbols. I know this is a pain but seriously, you have no idea of the pain involved in the alternative!
# 3 – Login to your hosting control panel regularly and take backups that you can download off-site so you will always have something to go back to if the worst happens.
If you don’t feel comfortable upgrading WordPress and the plugins on your own, we’re happy to do this for you. We offer monthly WordPress Maintenance Options to take this task off your To Do list, period.
Our monthly plans cover all basic updates, security, and monitoring, and can also include content updates to keep your website fresh and on the search engine radars. Get started today!
Don’t let this happen to you!