How GDPR affects web hosting – what you need to know
The first thing all web hosting companies should know when it comes to the new GDPR legislation is that web hosters are considered to be data processors when it comes to their services for end-clients, who are then considered the data controllers.
This means that all web hosting companies fall under the new GDPR regulations, and as such, they’ll have to change the way they safeguard the data of the EU citizens they process.
Non-compliance could prove devastating to any business, as the penalties are extremely high.
Three of the main areas you need to be aware of as a data processor in the eyes of the EU are:
The procedures you have in place to detect, report and look into any data breaches has to be fully compliant with the new regulations, as you have 72 hours from the time of the breach being detected to the point where you report it to the relevant authorities and to those whose data has been affected. You must also provide information to the authorities on who was affected, and what you’re doing to combat it.
Anyone from the EU whose information you process has the right to access the information you hold, so you have to make sure that you have the correct procedure in place to deal with any such requests.
These requests are time-sensitive as well, so bear that in mind.
A big part of the new legislation is how consent is asked for and given for data to be used in certain ways.
You should be reviewing the process you have in place for seeking, recording and managing consent and if there are any changes that need to be made you should put them in place as soon as possible.
At this stage, it should be clear that dedicated servers are far more practical for falling in line with this regulation than shared servers.
Dedicated hosting has always been the ideal answer for companies who take their hosting and the information that they hold on their servers seriously, and that has just become even more the case.