GDPR is an important new data regulation coming into force soon across the whole of the EU. We’re working on fully complying ourselves with our own customer data, and have launched a Data and Privacy Centre here: https://updraftplus.com/data-protection-and-privacy-centre/. This should be fully complete within the next few days.
As part of the law, many customers are asking if our software helps them be compliant. We’ve put out details on what information we collect here.
One thing you need to ensure is that your backups of your customer’s private data are protected. To help with this, UpdraftPlus Premium can encrypt the data in your backups. It has an industry-standard AES encryptor keeps all of the sensitive WordPress installation data (e.g. passwords, lists of users, secret keys, etc.) stored in your database completely secure. Find out more here: https://updraftplus.com/shop/moredatabase/.
Is it also possible to encrypt the media uploaded from my clients? These can too contain private data (PDFs with names in it, pictures representing people, which are not public avaiable, but only in a “Intranet”).
Hi Björn,
This is not a current feature. It is something we are researching. The best that can be done at present is to use a storage option that has on-disk encryption, such as Amazon S3 with server-side encryption.
David
I would be interested in learning if you know of any good practice when it comes to how I can address my clients right to be forgotten in a backup that I have stored. Is there a way to do that technically, or is the only way to replace the old backup with a new in which the person is not stored.
Hi Peter,
I am not a lawyer. A lot of people believe that the GDPR’s statement “taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures” justifies the practice of deleting customer data from a backup *at the point the backup is restored or used*, and otherwise allowing it to be automatically deleted later when the backup becomes too old. Of course, there’s no GDPR case law from real-world cases yet to test any such theories. Having a means to ensure that backups are certainly deleted at some point, after a reasonable amount of time (by automated means, or a documented process), and a process to ensure that deletion requests are recorded so that they can be applied when a backup is restored/used, and a process to ensure the security and inaccessibility of backups outside of the formal restore process, would appear to be essential to that interpretation. But the details will vary between businesses, so each has to make their own proper assessment of their case. This guy has a slightly different view, and also underlines the importance of documenting procedures: https://www.davidfroud.com/does-right-to-erasure-include-backups/
Good response. Thanks a lot!