Confusing Regulation Compliance Made Simple
By VGM Forbin
Updated 2:31 PM CDT, Mon March 27, 2023
Native content:
You have noticed, but you may not have known how to respond. The landscape around online privacy is changing. For decades, we in business have operated with the assumption that data consent was a default. Users are welcome to browse our online resources, and in exchange, we will track them. The ubiquity of the internet and the degree to which everyone’s lives revolve around online information has caused a political shift: it is now understood that individuals are entitled to privacy. Businesses must ask before collecting that information. The duty to be more responsible about data collection and storage is now on us as business administrators.
When the European Union (EU) introduced data protection measures in 2018, companies panicked. They worried about how they were going to comply, but they also worried about the valuable data they would lose. Marketers use customer data to deliver more relevant messaging. Cookie-enabled marketing strategies have led to bigger bottom lines. Losing that data has required European marketers to rethink how they connect with potentially interested customers.
Three years after the EU’s implementation of the General Data Protection Regulation (GDPR), some businesses in the United States are still hesitant to adjust their online practices. In most cases, it isn’t obstinance or even fear of losing the data that holds them back. It is confusion on exactly what is required of whom. Meanwhile, several US states have adopted data privacy regulations of their own, beginning with the California Consumer Privacy Act (CCPA) and extending to similar laws in Colorado, Connecticut, Utah, and Virginia. A website serving residents anywhere in the US is likely to be accessed by users in these states. None of us will be able to avoid these requirements.
Because the laws are confusing, it might appear that nobody is preparing for the changes, and it is true many US businesses are under prepared. However, it is also the case that businesses across the US have been quietly aligning their practices with these regulations for years.
There is No Longer Time to Wait
Most US businesses have had the luxury of a long timeline to implement more responsible data practices. The EU, then California, showed us what compliance would require. Sites need to be transparent about the data they are collecting and provide an easy way for users to opt out. Several more states’ privacy regulations take effect this year. By the end of 2023, users in Europe, California, Colorado, Connecticut, Utah, and Virginia will need to see a notice from any site that collects and stores user-level information and will need to be provided with an effortless way to opt out. This is the time to review your data collection and storage practices. Collecting data on users from these areas will expose you to peUniversal Analytics to Google Analytics 4 (GA4)nalties.
If your website is due for an upgrade, VGM Forbin has developed a platform to react quickly to changes in the regulatory environment. A site built on VGM Forbin’s PowerWeb™ Evergreen platform is making compliance easy. For other PowerWeb™ or VGM Forbin eCommerce sites, contact us today about adding a module for compliance. This is an opportunity for you to consider how and with whom your company’s site is hosted, VGM Forbin wants to help you make a compliant decision.Contact us today
Your Analytics Will Change
Marketing analytics will have less detail. Google is upgrading from Universal Analytics to Google Analytics 4 (GA4). This updated interface also changes how data is collected, making it significantly easier to anonymize IP addresses. Additional tags and pixels placed on a website will need to recognize cookie preferences. The team at VGM Forbin reviews tracking tags and pixels before publishing them to PowerWeb™ or VGM Forbin eCommerce sites. To schedule a review of policies and inspect your tracking tags, contact VGM Forbin today.
This is Not Scary
You don’t need to fear regulatory changes, but you do need to take steps to ensure your site doesn't break laws. Because VGM Forbin puts HIPAA and SOC compliance at the center of our practices, we have years of experience protecting sensitive Personally Identifiable Information (PII) and Personal Health Information (PHI). Our team is ready to help you with these consumer protections. Contact us today.
Comments