The GDPR came into effect on May 25th, 2018, making the way information is collected and processed more transparent. It is a European Union (EU) law, which means that if you collect or process the information of residents, citizens, or visitors in the EU, you will need to make sure that your website is GDPR compliant.
Follow our simple checklist to ensure that your business follows all of the rules and regulations under the new GDPR law:
- Define: The first thing you will need to do is research the GDPR and find out what it defines as personal information.
- Access & Identify: Next, go through all of your websites and applications and document which ones collect and process personal information. Then document what personal information you are collecting and for what reason. Some information can be buried deep in various fields, so you may have to do some digging to get accurate information. Given the sheer volume of information that needs to be extracted, this process probably can’t be done manually, and you may have to invest in some online tools to get the job done.
- Exporting and Deleting: Under the GDPR, users can request a copy of their information or ask that their data be deleted. You need to have a plan in place so that, within 30 days, you can export a person’s data to them in a well-known format, or remove their information if need be.
- Protect: If you are collecting data of any kind, you should already have security measures in place, but with the new regulations it’s a good idea to go over your security plan and see if anything needs updating. The GDPR requires that data collectors and processors have three levels of protection: encryption, anonymization, and pseudonymization. You should also take a look at data protection by design and see how these practices can improve the security of your site.
With the GDPR now in effect, it is important to your business that you comply with all of its rules and regulations. If you have any questions about the GDPR you can check out these articles in the HostPapa Knowledge Base:
You can also ask our award-winning support team any questions you might have 24/7/365 via phone, email, or live chat.