The latest news from Zinc Digital
Every business within the EU needs to be preparing for the new GDPR. The 25th May 2018 deadline is nearing, and from that day your business is at risk of substantial consequences if it is found to be non-compliant.
If you’re researching GDPR, it’s likely that you’re already aware of many of the obligations that your company has. Nevertheless, to begin with, your company will need to undergo a gap analysis that can tell you where you need to improve.
Alongside your gap analysis, there are a few things that almost every business uses in their day-to-day running that could cause problems with compliance with GDPR.
Check What’s Being Collected – make sure that the data you are collecting isn’t personally identifiable under the GDPR. This means that your analytics shouldn’t be collecting usernames in your page URLs, phone numbers in form completions or email addresses.
Turn on IP Anonymisation – the GDPR considers an IP address as Personally Identifiable Information. Therefore, you should make sure to protect this by turning on IP address anonymisation. We will be implementing this as standard for any clients who we set up Google Analytics for. If you’d like any help with this, please get in touch with our support team.
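The two analytics checks above, as an added example that is not part of the original article or Zinc Digital's own code: it strips usernames, email addresses and phone numbers from a page URL before the URL reaches analytics, and switches on IP anonymisation. It assumes the Google Analytics analytics.js (`ga`) command queue; the parameter names in `SENSITIVE_PARAMS` and the routes in `USER_PATH_RE` are hypothetical.

```javascript
// Added example. Parameter names and routes below are assumptions; adapt them
// to the URLs your own site actually produces.
const EMAIL_RE = /[A-Za-z0-9._%+-]+(?:@|%40)[A-Za-z0-9.-]+\.[A-Za-z]{2,}/;
// Loose on purpose: a long numeric value is redacted even when it is not a
// phone number, because over-redaction is the safe failure here.
const PHONE_RE = /^\+?\d[\d\s().-]{5,18}\d$/;
const SENSITIVE_PARAMS = new Set(['email', 'username', 'user', 'phone', 'tel', 'name']);
const USER_PATH_RE = /\/(users|profile|account)\/[^/?#]+/gi;

// Return the path and query of rawUrl with personal data replaced by REDACTED.
function scrubUrl(rawUrl) {
  // The base only resolves relative input; it is never sent anywhere.
  const url = new URL(rawUrl, 'https://site.invalid');
  const path = url.pathname
    .replace(USER_PATH_RE, '/$1/REDACTED')            // username path segments
    .replace(new RegExp(EMAIL_RE, 'g'), 'REDACTED');  // emails, raw or %40-encoded
  const params = new URLSearchParams();
  for (const [key, value] of url.searchParams) {      // values arrive percent-decoded
    const personal = SENSITIVE_PARAMS.has(key.toLowerCase()) ||
      EMAIL_RE.test(value) || PHONE_RE.test(value.trim());
    params.append(key, personal ? 'REDACTED' : value);
  }
  const query = params.toString();
  // The fragment is dropped: it is not needed for page reporting.
  return path + (query ? '?' + query : '');
}

// Send a pageview through the analytics.js command queue passed in as `ga`.
function trackPageview(ga, rawUrl) {
  ga('set', 'anonymizeIp', true);            // IP anonymisation for every hit
  ga('send', 'pageview', scrubUrl(rawUrl));  // report only the scrubbed URL
}
```

Call `trackPageview(ga, location.href)` in place of the default pageview call so the unscrubbed URL is never reported.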
Almost every website has a form for customers to use to get in touch. Previously, entering your details into a form like this would likely sign you up to a mailing list and potentially even lead to your details being passed along. Now, your forms need to be transparent regarding the data they are collecting.
Consent – Affirmative consent is one of the most important new additions to the regulations. Your forms need to have a checkbox in which the user agrees to their data being stored, and to being contacted as a result of the form. You’ll need to be clear about why you’re collecting the data, and what you’ll be doing with it.
An SSL Certificate is already an important addition to any site that handles data, but with the new GDPR obligations it is now vital. Although it’s not required to be fully compliant, an SSL will encrypt any data transmitted between your site and its visitors so that it cannot be read if it is intercepted. In the event of an audit, having an SSL will show that you are making every effort to protect your users.
When purchasing an SSL, you need to be aware of the difference between the low-cost and premium SSL certificates. There are a number of providers online that offer SSLs at a reduced price. The majority of SSL certificates use the same SHA-2 and 2018-bit encryption; the main difference between these SSLs and the ones provided by premium organisations such as Zinc is the level of warranty available. In the event that your end user loses money as a result of an SSL failure, your provider will reimburse them. Low-cost SSL providers offer a far smaller warranty, putting your company in the position that it may have to compensate a user for their losses in this instance. Zinc Digital offer Thawte SSL Certificates that offer a minimum warranty of $500,000.
The information needs to be updated to provide the facts about:
This information should all be known to you through your standard GDPR preparations, and could even help you to discover gaps in your strategy that could lead to sanctions in an audit.
Zinc Digital are undergoing a Gap Analysis to highlight the improvements we should be making on our protection regulations. We advise that all organisations take this step as their first point of action. We can then assist you in implementing the changes you will need to make as a result of this.
We can help your business with:
Call us today to discuss your gap analysis and begin your journey to GDPR compliance.