How Sitecore Can Easily Help You Comply With The Incoming GDPR Law
With 25 May fast approaching, businesses are no doubt already in the final stages of tying up loose legal ends for the arrival of the new GDPR law.
So what does GDPR mean for businesses? The General Data Protection Regulation Act aims to give individuals in the EU more control over their personal data – a lot of which is held and processed by businesses and organisations. Giving more power to the individual, GDPR will introduce a series of rights, including, but not limited to:
- the right to be informed
- the right of access
- the right to object
- the right to restrict processing.
Affecting all areas of business, the changes in data handling will have an impact on every department and aspect of organisations, including employees, processes, and applications.
One such application is Sitecore, which, as an enterprise CMS, handles a wealth of customer data on a daily basis. Getting the fundamentals right in terms of handling data correctly – and legally – is the next challenge for Sitecore users.
Why Focus On A CMS?
An organisation’s content management system can often act as a written history of that company’s digital lifespan. Apart from instances that involved a complete re-build and restart, from the moment a website is launched, right through to its present state some years later, a CMS will carry the battle scars of its many changes. These changes could be anything from rebrands and acquisitions, to the multitude of marketing campaigns that have impacted the website over the years.
Understandably, this can make a website’s back-end very messy. With GDPR just around the corner, the last thing any business wants right now is a minefield of unknown data, hidden away in legacy systems, unused plug-ins, or lapsed campaigns.
How Can Organisations Using Sitecore Make Their Platforms Compliant?
There isn’t a quick-fix button that will bring instant compliance to organisations’ Sitecore platforms, as every business is built from different DNA. What really needs to happen is to get under the bonnet of your CMS and examine its intricacies, pinpointing the areas where data is processed and held. Getting opt-ins (and outs) down to a tee is just scratching the surface of GDPR, and there is a multitude of different factors and variables at play that can and will affect your business.
So how can we ensure that Sitecore platforms are compliant? A GDPR Sitecore audit is something to consider, as years of data can build up in a CMS, often through multiple site-builds and staff changeovers.
Luckily, Sitecore is a flexible, advanced CMS that, especially in its latest iteration, Sitecore 9, has the ability to be configured to work towards compliance, as outlined in the brand’s recent whitepaper guide. By opening up your website, with the help of a team of Sitecore experts, you can begin to pull out data and question everything, giving a clear view on what needs to be addressed and how it should be done.
GDPR Means Company-wide Compliance
It’s worth noting, however, that compliance issues should be ironed out company-wide in order to avoid the hefty fines the government will have the authority to issue from 25 May.
Getting your CMS in check is just one of the many steps you can take towards compliance, although it’s one of the smarter ones, as a full investigation now will save time, stress, and inevitably, money later.