Strong Web Presence? Are You GDPR Ready?
Do you have a presence on the web? If so, you had better review your liability for General Data Protection Regulation (GDPR). Do you market to EU countries? They – whoever ‘they’ are – have clarified that generic marketing doesn’t count. So, if an EU citizen accessed your non-EU website and provided personal information, then you wouldn’t be liable.
But it does get tricky. If you have EU companies listed on your website and the page is written in the native language, then you are liable. If you accept currency of the country or, heaven forbid, have a domain suffix of the country, liable again.
Now, if you create online marketing activities directed at the EU, then forms and interactions fall under the GDPR. You will need to get explicit consent and it must be “freely given, specific, informed, and unambiguous.” If you are collecting email addresses, you will need a checkbox with clear language about what you are going to do with the email address – no legalese is allowed. If something is purchased, you need explicit permission for each, yes each, type of processing done.
If you don’t have any EU presence, and no one from these countries will ever access your website, you are home free. But maybe it’s a good time to evaluate your ‘best practices.’ I don’t need to tell you data breaches are on the rise. And although the big companies get all the press, most cybercriminals target small and medium size businesses. I bet most readers of this did not know that. Small physician practices, fire departments, and police departments, for instance, are ripe for data breaches. They just don’t know.
That’s what our software does best. Finds the hidden data that can cost you money, and cost you your reputation. It’s a good time to clean up your data and content. There is a reason for the trite expression “It’s better to be safe than sorry.” Even if GDPR doesn’t impact your organization, have you addressed your security and compliance best practices?
To get to grips with GDPR, access our Enough Talk – Solving GDPR Problems Through Metadata-Driven Compliance recording. This webinar explains not only the ramifications of GDPR but also how to address the compliance issues. It examines the tactical aspects of the solution, little-known stumbling blocks, and different tools that automate changes and provide an audit trail for compliance.