2018 Changes to Websites: GDPR, ADA, and SSL
If you have a website, 2018 was a key year for changes that you had little control over but need to be ready to comply with. These include regulations that mandate your use of customer’s personal information, accessibility for disabled people, and HTTP security.
Does your website comply with the new regulations? Here are the changes and how they affect SMBs to help your business remain compliant.
Changes to Use of Personal Information – Adoption of GDPR
The General Data Protection Regulation (GDPR) was activated on May 25, 2018. The new law changes how websites handle the information gathered from customers. It also expands the rights of consumers and gives them more control over their information.
Here are 3 things every small business owner in the U.S. needs to know about the new regulation:
Any individual, organization, or company (even those in the U.S.) that controls or processes personal data of consumers located in the European Union.
The GDPR grants consumers easier access to the data organizations gather from them. The regulation sets out clear guidelines for obtaining consent when collecting information. And it set new, higher fine amounts.
Accountability and compliance.
Websites covered by the GDPR are accountable for how they handle customers’ personal information and must as such keep and, when required, provide necessary documents to prove they are in compliance.
Changes to Accessibility for Persons with Disability – ADA Act 2018
The original ADA Act and the 2016 update don’t fully address the needs of a person with a disability who uses the web. The 2018 review of section 508 addresses most outstanding issues that make the web more accessible for disabled users.
Here’s what you need to know:
Who is affected?
Any business or organization that exists to benefit the public, local or state agencies, and private employers with 15 or more employees.
How do I know if my website is ADA compliant?
According to WCAG 2.1, a website is ADA compliant if it’s perceivable, operable, understandable, and robust.
Deadline for Compliance.
Those affected by the update had until January 28, 2018, to become compliant.
This one has some grey areas and it is not entirely clear who and what must fully comply. This is one to be aware of and to consult with your legal team if you have questions about how far you need to go with compliance.
Changes to HTTP Security – Google SSL Requirements
SSL isn’t exactly a regulation, but an industry requirement that can have an impact on your business.
Here are the 3 things SMBs need to know about the 2018 SSL updates:
What is SSL?
SSL means Secure Socket Layer. It’s a security protocol that encrypts HTTP connections between a browser and a server. With the addition of an SSL certificate HTTP now becomes HTTPS.
Why do I need SSL?
To protect your customers. But starting July 2018, with the release of Chrome 68, Google marks all HTTP sites as insecure. This can seriously hurt your online reputation.
How do I obtain an SSL certificate?
Ask your hosting company to provide the certificate or purchase a certificate from verified providers.
Google also uses this as a factor in search engine rankings so it is simply important that you make your site compliant since this is not a major effort to get completed.
These are just highlights. You’ll need to read more on these changes on our blog (click the links!) to fully understand how they impact your business and how to become compliant.