Your Local Home Care Business and GDPR (General Data Protection Regulation)

First, an obligatory disclaimer: I’m not a lawyer and what follows isn’t legal advice. If you need concrete legal counsel, talk to a lawyer.

You may have noticed a lot of new privacy policy changes from big companies like Google, Slack, and Facebook recently. That’s because GDPR is knocking on the door and demanding everyone’s attention. In Europe, it’s been a BIG topic but not so much here in the States until recently.

The goal of the GDPR is to help protect citizens from having their data misused or, worse, stolen in a data breach. Organizations have gotten away with lax security of personal data for far too long, and the EU regulations are a huge step to help prevent this data from being stolen in the future. Being compliant with GDPR means you’re doing your part to help protect everyone — yourself included — from becoming a victim of a data breach.

How do you know if GDPR affects you?

  • Do you sell and ship products to the EU? NO.
  • Do you offer a digital service (free or paid) that is targeted at customers inside the EU? NO.
  • Do you systematically process or process on a large scale the personal data of EU-based customers? NO.
  • Do you offer a digital service that’s also used by EU-based customers, but you don’t actively target them? NO.
  • Do you have a simple blog or website with comments that are not aimed at EU-based visitors? YES.

As you can see, for most local home care agencies, this isn’t a big issue. However, like many policies that are formed out of concern for personal safety, there are bound to be more coming our way in the United States at the Federal and State levels.


Use these tips to get your website GDPR ready.

A lot of us use WordPress for our websites. At the time of this writing, WordPress is working on adding GDPR compliance into the WordPress core framework. However, I don’t know when the updates will be released and exactly which problems they will solve.

Audit your website forms

Your site is likely to contain multiple sign-up forms, webinar sign-ups, and gated content.

  • Opt-in language that reflects GDPR standards. The person needs to clearly understand what they are giving their consent to.

Make sure your website has an SSL certificate (https://)

The good news is that, from an SSL perspective, GDPR aligns with well-understood best practices anyway. If you’re putting all your site pages under https and using certificates to authenticate and encrypt communications between internal systems, you’re meeting the GDPR requirements for that component of data protection. And if you’re not, you should be doing so anyway in order to protect your customers, protect your own business, and maximize confidence in your site.

Update your privacy policy and have a clear link to it on your website

If you don’t want to go through your lawyer, you can use this free online privacy policy generator to create a GDPR-compliant privacy policy. Just fill in the blanks and add it to your website.

What do LTC Expert Publications clients need to do?

If we created your website, and if we host/maintain your website, feel free to send an updated Privacy Policy to us (use the link above or have your lawyer draft one for you).

Send it to us through support at We will gladly add it to your website.

We will not, however, create a privacy policy for you.

If you have not moved to SSL, please contact us via support for a permission slip to have that completed. Yes, there is a fee.

You can see our privacy policy here (it’s a bit of overkill, but hey, whatever works).