
Ask HN: What Compliances to Take Care of When Building a SaaS Product? - formatkaka
Hello,

Looking at the resolutions passed in the last year, and reading many of HN threads, it seems that governments all across are going to start implementing such laws.

Some of the laws include GDPR by EU, Assistance and Access Bill by Australia etc. Most laws being passed to stop the misuse of user data.

My questions are:

1. Is there a resource where we can access all such compliance's. Whatever info I have currently is based on HN/Reddit or some newsletters.

2. Assuming many such laws are going to come up, what steps should we take right now to avoid extreme situations (such as being forced to stop service in a specific country) because we are not able to comply with their policies/requirements.

P.S. - I work with a startup, so hiring lawyers is not an option right now.
======
Mave83
Target markets you have insights into and don't care about the others. When you grow
in your home market, you can pay employees or lawyers and then expand.

~~~
formatkaka
We are creating a content distribution platform, so potentially anyone can
come and view content on our site.

What do you suggest in that case?

------
richardk3000
Btw are you from Belgium? There's a Flemish joke in your user name.

~~~
formatkaka
No, but would love to hear the joke!!

~~~
richardk3000
Kaka means poopoo (sh*t, but not that rude). Did you see my other comment,
more to the point?

------
richardk3000
I'm working on a startup, GDPRvalet.io, currently in the phase of testing my
assumptions.

Target audience is startup/scale-ups who need to comply with GDPR but don't
have the money to hire lawyers (spoiler alert: in most cases you don't need
any, certainly not in this phase of your company).

I'd like to ask you some questions to test my assumptions.

As a return favour I'd be happy to answer any questions about the practical
implications of GDPR for your company – I've been working as a GDPR consultant
for about 10 clients since 2017.

~~~
formatkaka
Hey, please contact me at s.loya@shilpmis.com

------
takinola
Solve the problems you have, not the problems you _may_ have. If you are
dealing with a specific industry or region, then your compliance needs should
be obvious (EU - GDPR, Healthcare in US - HIPAA, etc). Of course, take all
reasonable and appropriate precautions to secure and protect your customers'
and users' data. As your business grows and evolves, you may find more
compliance requirements but you probably don't need to deal with them until
you hit those stages.

------
wprapido
GDPR is all you need at an early stage.

