General Data Privacy Regulation Q&A Session
Posted on June 27, 2019
The General Data Privacy Regulation (GDPR) is the European Union’s (EU) new data privacy law. It gives people more control over their personal data and forces companies to ensure that they are collecting, processing, and storing data in a safe way. In the webinar and the description below, we will dive into what this law entails for your business.
My name is Chad Spaude and I am the Director of Web Services at Top Floor. Today we are going to discuss the General Data Privacy Regulation, or GDPR, and how this law will affect your website. Keep in mind that this isn’t meant to be legal advice; I am simply giving my interpretation of this new law based on what I’ve read and Top Floor’s internal lawyers. Effective on May 25th, 2018, GDPR will most likely impact organizations that use data on people from the EU countries, companies that have a direct relationship to Europe, and websites that can be visited by anyone from the EU. In order to comply with this new law, there are some steps you need to complete. Some steps include:
- Creating a list of marketing and tracking software, website forms, 3rd party agencies and services, and other tools used that collect and process user information.
- Creating a documented plan to be able to remove and allow the editing of personal/sensitive data.
- Creating a documented plan to export and provide user data.
- Updating your web forms and other data collections points.
- Perform an audit of your website’s current permission levels and which users have access to what information. You need to make sure that users can’t access other user’s information.
- Encrypt sensitive data where/when possible.
- Create a plan to handle data breaches.
- Document everything.
Have any questions? We may have answered them Q&A portion of the video which starts at 20:28. You can also reach out to us directly for more information.