You know what I have been thinking about a lot lately? What would 2019 Erika think if she was shown a picture of a grocery store with everyone wearing masks and (hopefully) abiding by line markers indicating which way you can enter the cereal article? If someone had told me that a great way to avoid an illness the world would be confronting would be to start wearing a face mask. Would I have embraced the face mask earlier? Nope. I wouldn’t have. Sure, now I don’t leave the house without my mask, but adopting a mask early and standing out based on predictions of a future illness? That wouldn’t happen.
There is a lesson in there about risk tolerance and risk aversion that is applicable to the world of website management. Every day in this industry, as in most, we deal with myriad risks and we make decisions about whether or not to make changes to address them. The EU passed an all-encompassing privacy law in 2018, GDPR, that requires (among other things) that website owners let European citizens anywhere in the world know if their website uses cookies. So, would I tell someone running a plumbing business in Bethesda, Maryland that they should adopt GDPR standards just in case a local diplomat ran across their website looking for someone to unclog their drain? No. But, how do we assess the risks and make decisions?
Stay Informed and Ask Questions
Here is what you shouldn’t do: Don’t stick your head in the sand. It is easy to live in a world where you simply don’t hear about legislation or industry changes that impact your website. But, that is a mistake. Whether it is by following brilliant, purple-haired industry leaders or reading trade publications, you need to engage with risk/reward decisions. You aren’t avoiding making decisions when you ignore the news, you are just deciding “no” without really knowing all the factors in the decision.
Risk vs. Cost
Why did I declare so quickly that our local plumber didn’t need to make his US-based website GDPR compliant? Simply put, the risk versus cost calculation is way off. The risk he faces in not updating his website is pretty minor when compared to the cost and effort of becoming compliant. If our plumber were in Switzerland? Or if he was not a plumber, but a plumbing supply provider that sold worldwide? That changes the calculation.
Rebuild or Retrofit
Sometimes, fixing a problem just isn’t that hard. Websites are weird. Often the things that seem like they will be very difficult to fix are the ones that wind up being pretty minor (and conversely, those that seem like they are minor become a heavy lift). Before you write off something completely, or kick the can down the road, it might be worth a conversation to see just how big the bread box actually is.
Can You Get Close?
Often in my line of work, we let the perfect be the enemy of the good. We know what should be done, and if we can’t get all the way there we forget that some of the way there is a great start. Take website ADA accessibility as an example. Like GDPR, website accessibility is a risk factor. Companies can be sued under the ADA for not having accessible websites. Having recently completed our first certified accessible website (yay ArtStream!), we can tell you that 100% accessibility is a very high bar. But while doing that site, we learned that you can go a long way toward compliance just by following website best practices. Does that mean you are covered and certified? No. But, it certainly means you are a lot closer (and you’re providing a better experience for a community that deserves to be able to interact with your message).