Public institutions must provide compliant digital information
Public sector institutions are expected to make official information available online in a way that is lawful, accessible and easy for people to use. In practice, this means either maintaining a website that complies with the relevant legal and technical requirements, or publishing the required information through an approved centralised government portal. For decision-makers, this is not only a communications issue: it is part of service delivery, transparency and public accountability.
Across the EU public sector, website compliance typically involves several connected obligations. These include accessibility for people with disabilities, protection of personal data under the GDPR, clear publication of institutional information, and adherence to national rules on digital services and public information. A compliant website helps institutions reduce legal risk, improve trust and ensure that residents, businesses and stakeholders can access essential information without unnecessary barriers.
When a centralised portal may be used
Some public institutions may meet their publication obligations by using a centralised government portal rather than operating a fully separate institutional website. This approach can be practical where a shared platform is officially designated for publishing mandatory information. It can also support consistency in design, governance and content management across the public sector.
For institutions with regional or local branches, a central website may also be sufficient if it clearly presents the required information about those divisions. This can simplify administration and reduce duplication, provided that users can easily find branch-specific contacts, services and responsibilities. The key point is that information must remain complete, current and understandable for the public.
Special arrangements for constitutional and central state bodies
In some cases, separate administrative bodies or offices may not need to maintain standalone websites if the required information is published on the website of the parent institution or constitutional body they serve. What matters is not whether every office has its own domain, but whether the public can reliably access the information required by law.
This is especially relevant for institutions with closely linked governance structures. A shared web presence can be appropriate where responsibilities are clearly explained and users are not confused about which body is responsible for which function. From a compliance perspective, clarity of ownership, content governance and update processes is essential.
Compliance is broader than publication alone
Publishing information online is only one part of compliance. Public institutions should also ensure that their websites or portal pages meet recognised accessibility requirements, such as providing sufficient colour contrast, keyboard navigation, meaningful headings, alternative text for images and compatibility with assistive technologies. These measures are central to inclusive public service delivery and are expected under the EU accessibility framework for public sector websites and mobile applications.
Institutions should also consider GDPR obligations whenever personal data is processed through contact forms, service portals, newsletter tools or analytics platforms. Privacy notices, cookie controls where relevant, retention practices and supplier arrangements should all be reviewed. A website that looks modern but fails on data protection or accessibility can still expose an institution to complaints, reputational damage and avoidable remediation costs.
What public sector leaders should do
For senior managers and communications, IT or digital teams, the practical priority is to confirm where mandatory information is published, who is responsible for maintaining it and whether the platform meets current compliance expectations. This includes reviewing content structures, accessibility statements, document formats, data protection notices and governance arrangements for updates.
- Check publication obligations: confirm which information must appear online and whether it belongs on the institution’s own website or an approved central portal.
- Review accessibility: ensure pages, documents and online services are usable for all residents, including people using assistive technologies.
- Assess GDPR compliance: identify where personal data is collected or processed and verify that notices, consent mechanisms and supplier controls are appropriate.
- Clarify ownership: assign responsibility for content accuracy, legal review, technical maintenance and regular updates.
- Reduce fragmentation: where multiple departments or regional offices are involved, use a clear and consistent structure so users can find information quickly.
A compliant public sector website is not simply a formal requirement. It is a core part of how institutions communicate with the public, deliver services and demonstrate trustworthiness. Whether information is published on a standalone site or through a centralised portal, the standard should be the same: clear, accessible, secure and aligned with legal obligations.