Why Contact Forms on your Website can be a BIG Liability
Does your website have contact forms for visitors to use? We hope so. One of the main purposes of a business’s website is generating leads and contact forms help achieve this goal. You might be wondering how contact forms can be both a positive element and a liability simultaneously.
The problem arises when you collect any sensitive data in these forms. Typically, most forms include fields for contact information such as name, email address and phone number - you may find that some of your website forms are set up to collect employment applications, mortgage pre-qualification requests, or are healthcare-related, which require more personal information. In these forms, you may be requesting the visitor to provide one or more of these very private and sensitive details:
- Date of Birth
- Social Security Number
- Driving License Details
- Healthcare-related information
Any details associated with finance, legal, healthcare, or various other industries can be considered highly sensitive. If these details are collected on your website using basic forms, you are exposing yourself to a huge liability. In most cases, the information entered in this form is emailed in plain-text to a specific email address as well as is saved within the database of your website’s content management system. Gathering sensitive information subjects your company to the responsibility of proper handling and storage of this data.
On many occasions, we find after reviewing our prospects’ websites that the customer is either unaware of the liability implications or they are not sure how else to securely collect this information.
One simple technique is to use an Encrypted Email service. There are various services that offer email encryption with a subscription plan, some of which include the Office 365 encryption add-on, Hushmail or G-Suite Gmail encryption. Once registered, they will provide you with a secure mailbox to receive the encrypted sensitive information collected from your website form. You will then be notified when the encrypted data is available for your review.
We have used this innovative solution for many of our customers and they are grateful to our team for solving their liability issues. We recently utilized this solution for one of our esteemed clients - Compass Health (https://www.compassva.com)
If you are currently collecting sensitive data on your website via a basic form with no encryption, immediate action is needed. Please contact us with any further questions on integrating encrypted emails to save yourself a lot of security and liability-related headaches later.