August 18, 2020
Privacy Checkpoints for Your Website Analytics Tool
Posted by Pippa Akem
Creating data privacy checkpoints for your website analytics tool will be one way you navigate successfully as the world prepares to deal with a resurgence of the COVID-19 virus. With renewed testing and tracing regimes, people’s expectations around privacy have not changed. The same questions over how information is retained and who ultimately has access to this information down the line are still up for discussion.
Rising privacy expectations are not just an issue for the pandemic climate, as those in the privacy space are aware. Groundbreaking privacy regulations such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) in the U.S. lead the way in setting higher standards for user privacy and data protection.
To meet their compliance obligations, businesses must examine how they are processing personal data, including how certain tools are utilized to capture and share data from visitors to their websites.
Here are some key website analytics tool settings to review to help manage privacy concerns for your website.
- Check account controls to establish what’s collected, stored and used.
You should explore your account setting options for how to manage the personal data processed by the website analytics tool. Start by understanding what each feature does to mitigate a privacy concern and then enable the features that support your privacy choices.
2. Check for an IP address anonymization option.
Your analytics tool may be able to anonymize an IP address if you have the feature enabled in your web property. Review your company’s privacy policies and assess which analytics properties you need to disable the data collection feature for.
3. Apply your retention policy and limit sharing you don’t want.
Apply retention rules to user-level and event-level data stored by the analytics tool. Check the sharing setting and uncheck the data you don’t want to share with the analytics tool team. And, review the signals setting to customize your reports and limit or disable ad personalization features.
4. Remove data from the analytics tool.
You have the ability to remove or delete analytics data from the tool. In a typical scenario, you can request that the data be deleted from the tool’s servers or you are given the capability in the tool to delete information for a single user.
More detailed features will be provided by your analytics tool provider in their Help Center. The takeaway is that you should begin to explore the privacy enhancing features offered by your website analytics tool. Don’t assume that the default settings fully cover your privacy risks.
For more information on Armanino’s data privacy, inventory and mapping solutions visit our Risk Assurance & Advisory Privacy Services page.
Prior to joining Armanino, she held privacy functions at Fortune 500 companies supporting General Data Protection Regulation (GDPR) implementation and the transition to California Consumer Privacy Act (CCPA) compliance. Pippa holds the Certified in Healthcare Privacy Compliance (CHPC) designation and is a member of the Health Care Compliance Association (HCCA) and the International Association of Privacy Professionals (IAPP).