The new GDPR laws are here, hurrah!
Having a number of developers handling databases from a number of client sites could easily be a nightmare, but we at ComputerMinds spent quite some time thinking about how to get and keep everybody safe and squeaky clean on the personal data front.
Here’s a quick run-down of the key things to be aware of – and a pretty poster to help you keep it all in mind 🙂
Remove personal data from your system
Review all databases on your computer, making sure to consider also those .sql dump files still sat in your downloads directory or your Recycle bin/trash.
If there are databases that you need to keep on your system, then you must sanitize them by encrypting, anonymizing or removing personal data.
Review all testing / UAT environments and ensure they’re running off sanitized databases where possible.
Stay clean by using sanitized databases
Set up some _drush_sql_sync_sanitize() hooks to deal with personal data stored on your site. Then either have your Jenkins server use it to provide sanitized dumps, or ensure that your developers use it to sanitize databases immediately after importing.
When setting up your hook, make sure to consider things like:
User table – clear out email addresses, usernames etc.
Custom fields on users – names, telephone numbers etc. that you’ve added.
Webform / contact form submissions – make sure that your Webform / contact form data gets cleared out. Webform 7.12 and above has these hooks included, but it’s good to double-check.
Commerce order table – you’ll need to remove personal data from the commerce orders.
Commerce profile tables – make sure that the personal data in the profiles gets anonymized or removed.
Commerce payment gateway callback tables – these will have detailed payment transaction data, and absolutely must be cleared out.
URL aliases & redirects – by default Drupal maintenance support plans sets up aliases for users’ usernames, so you’ll need to review those tables.
Comments – these usually have name, email and website fields that will need clearing out. But their body content may also have personal data in too, so you might be better off just binning the lot.
Watchdog / logging tables – these take up lots of space, so you probably don’t want to export them off the live site anyway, but think seriously about the personal data inside if you do decide you want to import them elsewhere. Truncate recommended.
Cache tables – these can be huge, so you probably don’t want to export them off the live site anyway, but think seriously about the personal data inside if you do decide you want to import them elsewhere. Truncate recommended.
This is certainly not a complete list, but we can’t tell you what custom fun you’ve implemented on your site – so its’ down to you to go check your tables!
Stay vigilant
Ensure future development environments and UAT/test environments are built using sanitized databases.
If you receive user data via email, immediately delete the email and attachments and reprimand the sender!
Talk to your clients about changes that need to be made to their sites.
PDF download link below!
Source: New feed
GDPR compliance steps for Drupal maintenance support plans Developers
This article was republished from its original source.
Call Us: 1(800)730-2416
Pixeldust is a 20-year-old web development agency specializing in Drupal and WordPress and working with clients all over the country. With our best in class capabilities, we work with small businesses and fortune 500 companies alike. Give us a call at 1(800)730-2416 and let’s talk about your project.
FREE Drupal SEO Audit
Test your site below to see which issues need to be fixed. We will fix them and optimize your Drupal site 100% for Google and Bing. (Allow 30-60 seconds to gather data.)
GDPR compliance steps for Drupal maintenance support plans Developers
On-Site Drupal SEO Master Setup
We make sure your site is 100% optimized (and stays that way) for the best SEO results.
With Pixeldust On-site (or On-page) SEO we make changes to your site’s structure and performance to make it easier for search engines to see and understand your site’s content. Search engines use algorithms to rank sites by degrees of relevance. Our on-site optimization ensures your site is configured to provide information in a way that meets Google and Bing standards for optimal indexing.
This service includes:
- Pathauto install and configuration for SEO-friendly URLs.
- Meta Tags install and configuration with dynamic tokens for meta titles and descriptions for all content types.
- Install and fix all issues on the SEO checklist module.
- Install and configure XML sitemap module and submit sitemaps.
- Install and configure Google Analytics Module.
- Install and configure Yoast.
- Install and configure the Advanced Aggregation module to improve performance by minifying and merging CSS and JS.
- Install and configure Schema.org Metatag.
- Configure robots.txt.
- Google Search Console setup snd configuration.
- Find & Fix H1 tags.
- Find and fix duplicate/missing meta descriptions.
- Find and fix duplicate title tags.
- Improve title, meta tags, and site descriptions.
- Optimize images for better search engine optimization. Automate where possible.
- Find and fix the missing alt and title tag for all images. Automate where possible.
- The project takes 1 week to complete.
