GDPR | New Policy Regs that Affect Your Website

GDPR, the General Data Protection Regulation, was instituted in May 2018 to protect the privacy of the people of the EU countries. This presentation explains the penalties for failing to comply with the GDPR, why the GDPR potentially affects websites of US-based businesses, and possible remedies.

We are not lawyers and do not pretend to offer legal advice, but merely highlight the major points of the GDPR and why US-based companies/businesses/medical practices need to know their potential responsibilities.

Randall Wong
Medical Marketing Enterprises
Sunrise Hosting Services
www.MedicalMarketingEnterprises.com
www.SunriseHostingServices.com

Published in: Marketing
  1. ONLINE PRIVACY REGS: DO THEY AFFECT YOU? • AAO 2018, Tech Pav • Sunday, October 28, 2018 • Randall Wong, M.D.
  2. Financial Disclosure • I have the following financial interests or relationships to disclose: • Co-Founder: • Medical Marketing Enterprises, LLC • Sunrise Hosting Services, LLC • RussandRandy.com
  3. Randall Wong, M.D. • Ophthalmologist • Online Marketing • Medical Marketing Enterprises, LLC • Healthcare & Medical Internet Marketing • SEO • Reputation Management • Sunrise Hosting Services, LLC • Managed website hosting (virtual IT)
  4. GDPR – General Data Protection Reg • May 25, 2018 • Applies to any organization that collects and stores personal data on European (EU) users on websites. • Aimed at protecting personal data of EU residents • 4% of global revenue • $24 million • €20 million
  5. Goals • GDPR • Privacy • HTTPS
  6. GDPR • Data cannot be stored on publicly accessible spreadsheets or unprotected documents. • Data can no longer be collected without explicit permission. • Data can no longer be collected without a detailed description of how and for what it will be used. • Users must have an easy way to withdraw consent and have their data erased. • Organizations must have clear processes to detect, report and investigate data breaches.
  7. Does Your Website • Collect personal data? • Attract visitors from the EU? • Examples: • Comments • Contact Forms • Opt In • Analytics • Security Tools/Plugins
  8. Privacy - Data • Name • Phone • Address • IP address • Cookie History • Health/Mental Data • Racial/Cultural/Ethnic • Political Opinions • Sexual Orientation
  9. Checklist • HTTPS • Create cookie policy • Privacy policy – how do you collect and protect user data • Prove consent from users – keep records • Avoid pre-ticked boxes on sign-up forms • Opt-in vs. opt-out • Easy option to withdraw consent and remove data
  10. Checklist • Website content and inquiry forms must use SSL • Analytics must be GDPR compliant • Pseudonymization/anonymization - Database must store information by account name only and not by account information • This list is not complete nor necessarily accurate
  11. What Can You Do? • All forms and website requests → opt-in • Easy opt out with instructions • Cookie alert banner • Update privacy policy and terms of use to use GDPR terminology • Block EU traffic?
  12. Cookie Alert Banner • This site uses cookies to analyze traffic and for ad measurement purposes
  13. Cookies • Tiny files sent to your browser to allow a website to remember your preferences to present you with customized web pages. • Examples • Shopping preferences
  14. HTTPS • HyperText Transfer Protocol Secure • Created due to lack of security • Ensures security between website (server) and browser • Data/Communications are encrypted • Prevents “Man-in-the-Middle” Attacks • HTTPS – Deals only with communications between your computer and a website.
  15. Man in the Middle: HTTP
  16. HTTPS – Encrypted and Secure
  17. SSL – Secure Socket Layer • A certificate issued to allow the HTTPS designation to your URL • SSL allows HTTP → HTTPS
  18. Why Need SSL • Protect privacy • Credit Card information • Websites with eCommerce • Personal information • Shopping history • Browsing history • Information you receive is as intended • SEO – without HTTPS you don’t rank as well
  19. #1 Reason you need HTTPS • Chrome 62 - SEO • Websites without HTTPS are going to be flagged as “Not Secure”
  20. Site is Not Secure • Not Trusted • Affects Your Brand • Outdated • Website not trusted • Business not trusted • Hosting Company • Purchase SSL • Renewable • Free
  21. “Safety and Security….Trust”
  22. AAO 2018 | Sunday • New Online Regulations that Affect You, 11:45 – 12:15 PM, Location: Tech Pav • 220 – Live Website Analysis, 2:00 – 3:00 PM, Location: S103D
  23. AAO 2018 | Monday & Tuesday • Monday | October 29, 2018: Creating Effective Content, 3:00 – 4:00 PM, Location: Tech Pav • Tuesday | October 30, 2018: 633 – Protect Your Online Reputation/Improve Local SEO, 10:15 – 11:15 AM, Location: S106B
  24. To Your Success! • Randall V. Wong • Randall.V.Wong@gmail.com