Are you GDPR safe?
Worried about GDPR? Help is at hand – Nicola Hartland has news of a great new offer for members
Remaining GDPR compliant is vital for accountants, not only because of the risk of fines but also to protect your reputation as a trusted advisor that clients can depend on.
So it was not good news for PwC that it has become the first of the Big 4 firms to be fined under GDPR. The Greek data protection agency recently fined the company €150,000 for wrongly using ‘consent’ as a basis for processing personal data on staff and gave them three months to comply with GDPR.
PwC is also known as a market leader in GDPR support and customers trusted the consultancy to bring their policies in line with the new regulation. They must now surely undertake some damage limitation to regain public confidence.
It’s worth bearing in mind that it’s not only the big companies hitting the headlines that are getting fined; small businesses are also on the radar.
iCaaS GDPR management
In this new era of greater accountability and focus on personal data, iCaaS – which stands for Compliance as a Service – is delighted to have partnered with ICPA. We take the hard work out of compliance and make GDPR easy.
ICPA have recognised iCaaS software as the premier solution for businesses to achieve, manage and maintain full GDPR compliance. Our simple, step-by-step solution guides users through all the necessary steps to become GDPR compliant, with no prior knowledge required.
Features of our solution include:
• Document generator: an easy-to-use, intuitive tool that allows you to create bespoke GDPR compliant policies and documents.
• Compliance score: our module uses monthly activity-based questions to ensure you are up-to-date with your compliance.
• Evidence of compliance: our software creates a ‘body of evidence’, as prescribed by the regulations, as proof of your GDPR compliance.
• Helpful tools and wizards: these are placed at key points throughout the software.
• Complete data review: a series of questions guides you through the entire process, ensuring that all relevant information is captured for compliance.
• Supply chain management: record all your suppliers and how they handle your data within our software.
In the next couple of months we’ll have even more modules available including:
• Subject Access Requests (SAR)
• Breach management
• Record of Processing Activity (ROPA)
• Data Protection Impact Assessment (DPIA)
How to remain GDPR compliant
A large amount of data is handled by accountants and their systems need to be able to deal with GDPR requirements. As a first step it’s important to make sure you:
• Know your data: be aware of what data you hold, where it is and where you got it. Remove data that you do not need.
• Inform staff: make sure your staff are informed of their responsibilities towards GDPR, are fully compliant and aware of the risks for non-compliance. Is there a robust GDPR process in place?
• Maintain compliance: keep data updated and maintained.
GDPR has significantly altered the way accountants work, but there is no reason to be wary of the new regulation. However, accountants must safeguard important files to ensure clients’ data is protected and be aware of any data breaches.
Rigorous protection must be put in place for the exchange of sensitive and confidential information with clients, too.
As well as secure communications being a hugely important part of GDPR compliance for accountants, practices need to ensure all the required in-house policies are in place.
Under the GDPR, companies are expected to have the correct procedures for handling these within the stated guidelines, with staff having the appropriate training to be able to do so, and that’s only the tip of the iceberg.
They must offer the same levels of encryption and authentication as online banking. E-signatures and e-approval can prove valuable as they provide a full audit trail, so accountants can get client approvals quickly, in a GDPR compliant manner, saving money and time.
There’s no doubt that more fines are imminent and companies waiting to see how high the fines go before they take serious action risk being penalised. The overwhelming advice is to act now before you put yourselves at risk.
• Nicola Hartland is CEO and Co-Founder of iCaaS
Accounting Practice Online is part of the ICPA, which is an organisation designed to provide support and guidance for accountants in practice. With 35+ practice specific benefits there has never been a better time to join. Take a look at the routes to membership today.