Data privacy is a relatively new hot topic among legislators in our nation, as well as globally. If you’re not familiar with the General Data Protection Regulation (GDPR), it is advisable that you read up on it. To summarize, the GDPR was created in the European Union (EU) to protect the privacy rights of consumers. It carries heavy fines for businesses that don’t abide by the law, and the jurisdiction of the law applies to any business (or any person in some cases) that collects consumer data of anybody that resides in the EU.
In the U.S., there is no suggestion of a federal law that regulates a similar standard, yet. States are already implementing similar laws, though, and the jurisdictions of these laws work very similarly. If a consumer from the state that implements these laws, for example, uses the contact form on your website, the owner of the website falls under the jurisdiction of the law in that state. It doesn’t matter if business is conducted in that state, but only that the form has collected data from a resident of that state.
In most cases, these laws set guidelines for companies to follow. Large businesses usually have their own lawyers and funds for ensuring they are protected from violating these laws, but small businesses don’t typically have the same resources. This is where SheppTech can make a big difference.
To install these, a simple piece of code is added to your website to generate the document. Then, we add a link to the document in the footer of your website, and voila, the website is compliant. The code is dynamic, which means when the law changes, so does your document. This ensures that your policies are fully compliant. SheppTech monitors the information released by our partner to ensure that there aren’t any changes to the law that would make our customers fall out of compliance.
These services only cover simple data collection of Personally Identifiable Information (PII). This includes email addresses, names, addresses, credit card information, and more. However, there are some data that is covered by different laws such as medical, financial (banks), and educational data.
SheppTech does not have the ability at the moment to work with institutions that collect this more specific information. However, if there is interest in consulting with SheppTech, we can either point our customer in the right direction or work with them to ensure they get the resources they need.