Online Privacy Regulations | What You Need to Know

This presentation was delivered at the American Academy of Ophthalmology meeting 2019 in San Francisco, CA.

Online regulations, including the GDPR (General Data Protection Regulation), may affect you and your website even if your business is located in the United States.

Recommendations for complying with personal data protection with regard to cookies, GDPR best practices, and why everyone needs SSL/HTTPS.

Randall Wong
Grant Wong MS III
www.SunriseHostingServices.com
www.MedicalMarketingEnterprises.com
www.RussandRandy.com
randall.v.wong@gmail.com

  1. ONLINE PRIVACY REGS: DO THEY AFFECT YOU? • AAO 2019, Tech Pav • Randall Wong, M.D. • Grant Wong, MS III
  2. Financial Disclosure • I have the following financial interests or relationships to disclose: • Co-Founder: • Medical Marketing Enterprises, LLC • Sunrise Hosting Services, LLC • RussandRandy.com
  3. Randall Wong, M.D. • Ophthalmologist • Online Marketing • Medical Marketing Enterprises, LLC • Healthcare & Medical Internet Marketing • SEO • Reputation Management • Sunrise Hosting Services, LLC • Managed website hosting (virtual IT)
  4. Goals • GDPR • Privacy • HTTPS
  5. GDPR • Data cannot be stored on publicly accessible spreadsheets or unprotected documents (Google, Dropbox, etc.). • Data can no longer be collected without explicit permission. • Data can no longer be collected without a detailed description of how and for what it will be used. • Users must have an easy way to withdraw consent and have their data erased. • Organizations must have clear processes to detect, report and investigate data breaches.
  6. GDPR – General Data Protection Regulation • May 25, 2018 • Applies to any organization that collects and stores personal data on European (EU) users on websites. • Aimed at protecting personal data of EU residents • 4% of global revenue • $24 million • €20 million
  7. Does Your Website • Collect personal data? • Attract visitors from the EU? • Examples: • Comments • Contact Forms • Opt In • Analytics • Security Tools/Plugins
  8. Privacy - Data • Name • Phone • Address • IP address • Cookie History • Health/Mental Data • Racial/Cultural/Ethnic • Political Opinions • Sexual Orientation
  9. Checklist • HTTPS • Create cookie policy • Privacy policy – how do you collect and protect user data • Prove consent from users – keep records • Avoid pre-ticked boxes on sign-up forms • Opt-in vs. opt-out • Easy option to withdraw consent and remove data
  10. Checklist • Website content and inquiry forms must use SSL • Analytics must be GDPR compliant • Pseudonymization/anonymization - Database must store information by account name only and not by account information • This list is neither complete nor necessarily accurate
  11. What Can You Do? • All forms and website requests: opt-in • Easy opt out with instructions • Cookie alert banner • Update privacy policy and terms of use to use GDPR terminology • Block EU traffic?
  12. Cookie Alert Banner • This site uses cookies to analyze traffic and for ad measurement purposes
  13. Cookies • Tiny files sent to your browser to allow a website to remember your preferences and present you with customized web pages. • Examples • Shopping preferences
  14. HTTPS • HyperText Transfer Protocol Secure • Created due to lack of security • Ensures security between website (server) and browser • Data/Communications are encrypted • Prevents “Man-in-the-Middle” Attacks • HTTPS – Deals only with communications between your computer and a website.
  15. Man in the Middle – HTTP
  16. HTTPS – Encrypted and Secure
  17. SSL – Secure Sockets Layer • A certificate issued to allow the HTTPS designation to your URL • SSL allows HTTP → HTTPS
  18. Why You Need SSL • Protect privacy • Credit Card information • Websites with eCommerce • Personal information • Shopping history • Browsing history • Information you receive is as intended • SEO – without HTTPS you don’t rank as well
  19. #1 Reason you need HTTPS • Chrome 62 - SEO • Websites without HTTPS are going to be flagged as “Not Secure”
  20. Site is Not Secure • Not Trusted • Affects Your Brand • Outdated • Website not trusted • Business not trusted • Hosting Company • Purchase SSL • Renewable • Free
  21. “Safety and Security… Trust”
  22. To Your Success! Randall V. Wong Randall.V.Wong@gmail.com