Virginia Consumer Data Protection Act (CDPA)

December 31, 2022 is When Virginia's Privacy Law Takes Effect.

Second in the nation behind California to enact online privacy regulation, Virginia’s new law takes effect on January 1, 2023.

Similar to the law in California that is again similar in itself to the more stringent privacy regulations in the European Union, Virginia has new privacy rules now too.

What does this mean for US and Virginia-based businesses and those selling in Virginia?

First and foremost, if you do not have cookie notifications on your website, now is the time to implement this scripting. There are many online services that provide the scripts to meet the European Unions’ strict rules and can be used to meet both California and Virginia’s regulations. We use cookie-script.com for our privacy adherence needs.

For Virginia businesses and those that do business in Virginia, here’s what you need to know about this recently passed act.

First you must be in compliance by January 1, 2023.

“Virginia’s legislation has a carve-out for information collected in the employment context, whereas California’s law applies to some employment data.” Read the full article.

The CDPA applies to the following business types:

• Those that control or process the personal data of at least 100,000 consumers.

• Those that process the personal data of at least 25,000 consumers and derive more than 50 percent of their gross revenue from selling personal data.

Make sure to check this article for a number of exemptions. Virginia has made its law less stringent than California’s privacy law, but make sure you know what is covered and not covered.

What Are Your Rights in this New Law?

“Virginia’s law was modeled after California’s laws and the European Union General Data Protection Regulation. Virginia’s law provides expansive consumer privacy rights, such as the right to access, right of rectification, right to delete, right to opt out, right of portability and right against automatic decision-making. The act includes a broad definition of “personal information,” a “sensitive data” category, and data-protection assessment requirements for businesses that control the data.”

“Consumers don’t have the right to bring a private lawsuit for violations of the act. Instead, the Virginia attorney general’s office will enforce the law. Entities will have the opportunity to cure violations or face a fine of $7,500 per violation.” Read more.

Most people expect other states to follow with restrictions similar to Virginia’s or California’s.

Our Recommendation

With privacy being in the forefront of everyone’s mind right now, it is time to look at adding a privacy statement and cookie setting acknowledgement script on your website.

When the EU rolled out it’s privacy regulation several years ago, many businesses opted to not update their site for cookie approval as they felt they were exempt (erroneously) by not selling services or products in the European Union. Now with expansion of similar regulations to California and Virginia, it is time to implement technology to be in compliance this year and at the minimum by December 31, 2022.

 

 

Share

Why You Should Move To HTTPS

HTTPS – Google loves it, but for informational websites, moving to HTTPS adds to your costs. Expect to pay $129 to $229 for a SSL or secure socket layer certificate to be able to have your website use HTTPS in the browser bar.

For me at this time, I am not moving to HTTPS and it is mainly due to the additional cost. I do not have e-commerce on my website and I only use a contact form for prospects, so do not feel that I must have this extra security. But, Google loves the security and encryption that HTTPS affords for websites. At some point in time, the use of HTTPS on your website may be a ranking factor for organic results, but for now, it is not.

E-Commerce Sites MUST be HTTPS

If your website has e-commerce, you take payments or log users into a secure area, you really need to be using HTTPS at this point in time, no exception.

New Websites Should Embrace HTTPS

Any new websites we design are all in HTTPS. At this time I do not feel that existing informational websites should move to HTTPS, but that day may be coming soon.

To find out more about how we can help you, I invite you to visit our website to browse our service offerings and read more content on topics that will help your business grow.

Share

Introducing Our New Website

The New McCord Web Services Website.
The New McCord Web Services Website.

We’ve launched our new website last week and invite you to take a look at https://www.mccordweb.com.

Created using a new responsive framework from Project Seven, our new site is made for speed. We have utilized a number of different page layouts using the Zeitgeist page pack.

Our new site features a return to our original colors from years past of a blue-green, gray, and black and we have moved to https.

We have revamped our content, streamlined our services, and introduced new offerings.

As part of our change, we will be changing up our marketing mix.

  • Our newsletter will disappear in October.
  • Our blog postings will move from twice a week to monthly.
  • Our blog posting will be longer, more thoughtful articles.
  • Our social media will focus on LinkedIn engagement.

You will start to see these changes over the next month as we work out pre-scheduled content.

We look forward to many more years serving our clients.

Visit the site now.

 

Share

Important WordPress Plugin Abandoned? What to Do

Simple Tips to Prevent Stares in the Waiting Room
Yikes, an Important Plugin for my WordPress Theme has Been Abandoned!

If a plugin that is important to the look and feel of your WordPress website is abandoned, it is best to start looking for an alternative.

Recently in the news, several popular abandoned plugins were purchased and used to disseminate malware. It is not recommended to keep using a plugin that has been marked abandoned at WordPress.og. So what should you do?

One, search for alternatives using the plugin name. In many cases others just like you have had a similar problem and have created, found, or written about good alternative plugins. Do some research and see if you can find a good replacement option.

Two, be sure is has been abandoned by visiting WordPress.org. Look to see if there are comments that point you to alternatives.

Three, look actively for more than one alternative and test them before deciding on one. I am searching for a replacement for a client for the JP Widget Visibility and found this blog post with a nice review of over ten options.

Four, leave the abandoned plugin installed and take your chances that nothing will happen and your site will not be hacked. Just be aware that as WordPress updates, the plugin may stop working entirely.

This is a great article on other additional options to pursue at Nexcess Beyond Hosting.

 

Share

WordPress Themes Rely on Plugins What to Do When They Break

Don't Let Cash Run Out, Get Proactive
Is Your WordPress Website Costing You?

I like WordPress for blogs, but not for websites. Here’s one example of why I am not recommending WordPress for business websites.

Client A did a new website two years ago and moved to WordPress from PHP. They thought that they would be updating their content and so wanted an application that allowed staff to go in and make updates at will.

What happened in reality is that they never added their own content, they paid me to do updates. They had to buy a WordFence premium license to protect their WordPress website from hacking and then  pay a webmaster to monitor files and plugins for updates as well as do monthly maintenance.

Now, one of the plugins that is integral to the look and feel of their theme, has been abandoned at WordPress.com. Deactivating the plugin makes the inside pages look bad. There does not seem to be an easy fix replacement for the plugin. It maybe that the best solution is to replace the WordPress theme in the next year due to the loss of this important plugin.

Client B has a PHP-based responsive website that is not WordPress. They have used their website since 2015. It still rates over 90/100 on the Google Page Speed tool in mobile and desktop. This client simply wants a new look and so is looking for a similar PHP responsive site design.

I personally feel that WordPress has a place, but is not my preferred application for website design. Too many clients want to keep their new website three to five years or longer. If you have a WordPress website and a plugin is abandoned what would you do if one is not readily available as an alternative? You’d have to simply start over and buy new.

Share

A Quick Refresher on the GDPR Privacy Controls for EU Visitors

How to Work with Remote Teams
Embrace Privacy with the EU Regulations

Since I last wrote about the privacy updates that are mandated by the EU to cover website traffic on American websites by EU nationals, much has happened.

First, clients who thought that they did not want to update their privacy policy or implement cookie approval for website statistic tracking have changed their minds.

Our team has been very busy updating websites to beef up the transparency of the privacy policy, reveal clearly what is being tracked on websites, offering ways to opt out of tracking, and installing cookie approval scripts on websites.

Several clients have shared their thoughts with us on why the sudden change. Some are listed below.

“I do feel lucky about not getting caught, but also want to be safe.”

“I’ve just had a lawyer call me and I feel like I need immediate action on the privacy updates as I don’t want to end up in court on a new matter.”

“I think it is stupid to do, but I am getting inundated with privacy policy updates from everyone that I do business with, that maybe I do need to do something to my website.”

As for me, my perspective is that it is not expensive or hard to do the implementation to be in compliance with the GDPR. I am risk adverse and feel that eventually the US will institute some controls so we will be ahead of the game by changing our own websites now.

Share