GDPR is officially upon us and many business across the EU are feeling the pressure of the new regulation. The hefty potential fines and extensive documentation requirements are causing a lot of companies to re-evaluate how they operate their business. The GDPR’s requirements are related to understanding a company’s data, how it is used, how it is stored, and how long it is kept. It is critical for all EU businesses to take this regulation seriously as it is considered the most stringent and significant personal data protection law ever to come into effect. Depending on the violation, regulating bodies will have the power to fine companies at a much higher rate than what was previously allowed.
While big fines make big headlines and gain traction for new regulations, major regulating bodies such as the ICO, the privacy regulators in the UK, have publicly stated that making early examples of organizations by collecting massive fines for minor infringements will not be the most effective way to ensure that the personal data rights of citizens are protected. Financial penalties should be the last resort as these regulating bodies prioritize educating, supporting and advising organizations on how to become compliant. Moreover, it’s not just EU businesses who are scrambling to become GDPR-ready, the regulating bodies are also in a similar position. Just this month, 17 out of the 24 EU regulation authorities surveyed stated that they lack the necessary funding, preparation and capacity to fulfill the GDPR. For example, Isabelle Falque-Pierrotin, president of France’s Data Protection Authority recently stated that “Even if you’re not finished [preparing for the GDPR] on the 25th this is not a problem. This is a learning curve, and we will take into account, of course, that this is a learning curve.”
Even though EU businesses and regulators alike are facing uncertainties with regards to the GDPR, it is still important that all parties continue to make strides towards implementing compliancy measures, processes and procedures.
To help address three important GDPR requirements, Modix has developed the ‘GDPR Readiness Package’ for our clients. This package includes website features that:
These features demonstrate or communicate:
Modix has worked with a team of data protection legal experts to design features that help to meet the GDPR standards required of all EU businesses that collect personal data on EU citizens.
Lead submissions are one of the most valuable pieces of data to all businesses. The ability to maintain connections with your prospects is key to any marketing strategy. The Marketing Consent Feature helps to ensure that you are collecting leads in a transparent manner and enable your prospects to build trust with your business by controlling their own marketing preferences.
The Marketing Consent Feature also enables you to manage, filter and delete prospects directly within the Modix CMS. This is important so that if you receive a request from a Data Subject (someone who has previously submitted a lead), you can edit or remove their data or adjust their marketing preferences accordingly.
Secure web browsing became an important topic last year when the major search engines started requiring SSL encryption for web browsing. All websites that collect personal data are required by GDPR to encrypt the data in transit with SSL. By upgrading to SSL, you will ensure that your data utilizes the secure HTTPS protocol. Not only will you meet the GDPR requirement to protect personal data, but you will also improve the experience for your website users and positively influence your SEO results. You can read this blog post for more information on how SSL can improve your website experience.
Modix understands the complexity and challenges associated with meeting GDPR requirements. You can read this blog post for more information on how Modix is approaching the GDPR. Please contact your Modix representative for more information on how to meet these three important GDPR requirements with the GDPR Readiness Package.