What is GDPR?
The General Data Protection Regulation (GDPR) is the law that was effected on May 25, 2018 by the European Union (EU). And the main goal of GDPR is to give the European Union citizens full control over their personal data and enable them to change the data privacy approach of organizations throughout the world.
GDPR has the prospect to escalate to the high level of fines. It will start with a notice, then a reprimand, then there will be data processing suspension, and if there is continuous violation of the law, then the large fines will be effected.
The European Union is not some evil government that is on the move to get anyone. Their goal is to strictly protect consumers, average people from reckless handling of data / data breaches because the issue of data insecurity is getting out of hand.
What is required under GDPR?
As it is known that goal of GDPR is to protect personally identifying information (PII) of users and holding business organizations to a higher standard in terms of collection, storage and usage of data.
The personal data required by GDPR includes: Name, Emails, Physical address, IP address, Health information, Income information etc.
Is WordPress GDPR Compliant?
WordPress core software is GDPR compliant, especially WordPress version 4.9.6. There has been an integration of several GDPR enhancements by the WordPress development team to make sure that WordPress is GDPR compliant. It is important to note that as when referring to WordPress, we are talking about the self-hosted WordPress.org.
Due to the dynamic nature of most websites, no single platform, extension or solution can provide 100% GDPR compliance. The compliance process of GDPR will vary based on the type of website, the type of collected and stored, and the procedure of data processing on the website site.
By default, WordPress 4.9.6 now comes with the following GDPR enhancement features:
1. Comments Consent
Formerly WordPress used to store information like commenters name, email and website as a cookie on the browser of the user by default and this made it very easy for users to comment on their favorite blogs because those fields were already pre-populated. Due to the consent requirement of GDPR, WordPress has integrated the comment consent checkbox which enables the user to leave a comment without checking this box. This means that they would have to enter their name, email, and website manually every time they leave a comment.
2. Data Export and Erase Feature
WordPress provides website owners with the ability to comply with the data handling requirements of GDPR and honor the request of users for exporting personal data and removal of the user’s personal data. The data handling features of GDPR can be found under the Tools menu inside WordPress admin dashboard.
Listed below are the recommended WordPress plugins for the facilitation of GDPR compliance.
- Cookies Notice
- Delete Me
- Shared Counts
Those new privacy features come especially handy when it comes to employees’ data. You will be more than happy to use them when working with an Intranet Theme such as Woffice.
As always, if you have any question or request, please don’t hesitate to leave a comment below.