Is your company website breaking the law?
If your company webpage does not comply with the new online and website legislation, it could spell trouble for your business. As we’ve discussed previously, websites are extremely beneficial for companies, whether small, medium or large. But many people do not know the rules that apply to having a website: a Brunel University survey found that 48% of company webpages are in breach of EU data protection laws and are carelessly sharing confidential customer information.
The maximum fine for not adhering to the legislation is £500,000.
Another recent piece of legislation is the requirement for even the smallest firms to meet the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. Websites must: build and maintain a secure network, protect cardholder data, maintain a vulnerability management programme, implement strong access control methods, regularly monitor and test networks, and maintain an information security policy.
Nationwide were fined £1 million last year for failing to adhere to the legislation.
If you are worried that your site might not be adhering to the rules, you should visit the ICO website, which is a comprehensive guide to website legislation.