How new data protection regulations affect your accounts (GDPR IMPACT)
There are much more stringent regulations on the way to protect your personal information – and how that data is gathered, stored and used. They will also put stronger controls on the sharing of financial and personal information and how and when data is destroyed.
All of this clearly affects the sensitive information that passes between you and your accountant. The new controls are embodied in the EU General Data Protection Regulation. It replaces current Data Protection legislation and becomes active in 2018.
The GDPR impacts on any organisation that holds personal information on EU citizens. So Britain’s exit from the EU doesn’t render businesses immune from the heavy fines that come with non-compliance.
The primary aim of the GDPR is to protect information from cyber crime. But it is also addressing the ineffectual protection that has led to many data breaches. Last year there were 54,468,603 individual records compromised and that’s a 475% increase on the year before.
The information you trust to an accountant can be very sensitive, leaving you vulnerable to a number of business pitfalls. You would not want it falling into the wrong hands by accident or malicious intent.
Under the rules of the GDPR, all personal data held by companies including accountancy practices must be encrypted, and pseudonyms must be used to protect personal identity. The aim is to render the information unusable if it is leaked or lost. To prepare for the GDPR, accountants have to fully audit their existing data systems and procedures, and create encryption protocols. This includes ways to turn data back into a usable form easily. They must also designate and train the individuals who are allowed to hold the encryption keys.
This could particularly affect organisations that access files and reports on multiple devices and from remote locations. There is also a greater requirement for communication – organisations need to be very transparent in gathering information from clients and customers, ensuring they are fully informed about its usage and disposal criteria.
Clearly the GDPR preparation is a lot of work. But it is an important way to ensure that the valuable relationship between you and your accountant is protected, increasing trust and security.
If you are based in the Sussex area and need advice on how GDPR might affect your accounts, then give our Managing Partner, Melanie Richardson a call today.
Get in touch today
Melanie Richardson - Managing Partner
Tel: 01825 763366
An award winning accountancy practice
An award winning accounting practice. Swindells have won the Medium Business Award at the East Sussex Women In Business Awards that took place on the 20th July at the Cavendish Hotel. It’s a great honour to be set alongside some of the other amazing businesses in the county and we’re very proud of the achievement. […]
Sign up to receive our private content
straight to your inbox