You will likely already have heard about the new privacy regulations coming into force next May. The GDPR (General Data Protection Regulation) will be in force from 25th May 2018, and has huge implications for businesses small and large.
I am in the process of pulling together some guidelines for clients as to how this impacts business websites. At a very broad level, the key questions that we need to start asking are:
- Is your website collecting, processing and storing user data?
- If so, what data? Is this necessary? (according to the legal grounds outlined in GDPR)
- Is data been collected, processed and stored in a GDPR compliant way?
- If not, what do we need to change to ensure compliance?
Most businesses will need to introduce at least some changes to ensure their website is GDPR compliant. The WordPress eco-system, being US-centric, has been slow to wake up to the requirements of GDPR, but we are now beginning to see momentum gathering. I hope to post another update before the end of this year with more information & recommendations.