
According to a recent study, 86% of the top UK websites failed to comply with GDPR. Considering GDPR is now a year old, this is alarming news.

The findings by ImmuniWeb, a global security testing provider, highlighted that the majority of UK websites were using non-compliant processes or insecure systems to host and manage user data. Eighty-six percent were found to be using insecure cookies, and 17% of sites had privacy policies that were either missing or hard to reach.

On a positive note, 100% were using Secure Sockets Layer (SSL) or HTTPS and had up-to-date content management systems.

The stats also revealed that sites operating across the rest of Europe are more likely to be compliant with GDPR.

Here are some tips on how to make your website GDPR compliant:

  1. Make sure your privacy policy is easily accessible and very clear about the data you are capturing. It needs to outline the usage of advertising, marketing, transferring data to third parties (who must be named) and IP tracking.
  2. Make sure an SSL certificate is obtained for your website so that data is encrypted in transit and cannot be read by anyone who intercepts it.
  3. Make sure any data capture forms on your website have active opt-in boxes to record acceptance, including for social media.
  4. Make sure users can withdraw their consent or unsubscribe easily and clearly. This should be separate from accepting terms and conditions.
  5. Your website should have procedures in place to detect, report and investigate personal data breaches.