Yes, It's Important - Start the Compliance Audit with your CMS and Website
GDPR is spurring confusion and conversations around compliance, data collection, and privacy, especially among marketing and IT teams. Who needs to be compliant? How does an organization become compliant? Is this relevant to my organization?
The answer is likely yes, it’s relevant to your organization. Take a deep breath, relax, and get ready. One of the first areas to evaluate when working toward compliance with these new regulations is your website.
For those who are new to the conversation, the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It goes into effect on May 25, 2018 (that’s less than 4 months as of this blog post), and the price for noncompliance is hefty.
The fines for noncompliance depend on the organization. The regulation states that fines can be the greater of either 4% of an organization’s annual revenue or €20 million (almost $25 million). That is a lot, so the fear of noncompliance in some cases is warranted.
Typically, though, your organization may just require a few tweaks to the way you think about customer data and tools used to collect it on the internet. The basic concepts around these changes are designed to provide consistency and transparency to how individuals provide their information and what organizations are allowed to do with it.
For those thinking they’re not European companies or have yet to acquire European customers, this still affects you. These regulations apply not only to companies that reside in the EU, but to any organization that does business with or simply interacts with EU citizens. So, it essentially applies to any company that has somewhat of a global reach. With the internet, that means 99% of organizations, likely including yours.
So, as web and content marketing geeks, we’ve put together a checklist of some things you can do on your site today to help start the compliance process. This is a start and by no means an exhaustive list, and we recommend hiring a professional auditor to help guide your organization through the compliance process.
Here are the first steps to compliance on your marketing sites.
SECURITY IN YOUR CMS
While your choice in CMS/WCMS can make it easier to quickly make changes and generally comply with these regulations (especially around security and data collection), ultimately the adherence to GDPR falls on your organization and the practices it implements to support the new policies.
Following this checklist is a great head start to becoming GDPR compliant, though we recommend hiring an expert to help streamline your organization and ensure compliance, as it goes much deeper than simply your website and CMS.