In the last of a three-part series on GDPR on Accounting Web we lay the groundwork for accountants to communicate data-related changes to their clients. Will anything change in the way you communicate with your clients? And how can you add value to your client relationships by helping them with GDPR-related issues?
If you don’t know by now, GDPR is introducing improved regulations surrounding the safe keeping of personal data, and increasing the fines for serious breaches and non-compliance. GDPR coming into motion reflects just how valuable data security is in 2017, and no matter how big or small your firm is, or how many clients you obtain, everyone handles data that deserves to remain protected.
Whether you plan on making any changes to your current data security practices, GDPR introduces policies that will affect everyone. It’s important that any data-related changes or improvements your firm make are clearly communicated to your clients. This doesn’t just apply to data online, but also to physical data, ie the contents of your filing cabinets, contracts, and the rest. But don’t see making changes as an unfavourable task; GDPR isn’t supposed to be unreasonable.
According to the AAT in a survey last year 44% of those questioned ranked “business being careful with sensitive data” as the most important factor when considering who to engage with. See this regulation update more as an opportunity for you to remind your clients of their rights to privacy, and even encourage them to make their own improvements, whilst partaking in the activity yourselves. Give your firm that competitive edge.
Here are a couple of key features that GDPR will impose in relation to communicating with your clients, which you may find useful:
You want to make sure that your clients’ data is processed lawfully, which is why GDPR also lays out the rules for consent. Consent must be freely given, specific, informed, and unambiguous. There must be some form of a positive opt-in, meaning consent cannot be inferred from silence, pre-ticked boxes or inactivity. This means that if you are communicating to your clients with marketing materials which they have previously opted in to receiving, they have the right to withdraw their consent at any time. You will need to provide simple ways for them to withdraw consent. Giving them access to their data so they can manage their details and consent (perhaps via an online portal), will retain the trust of your clients.
Currently, when any business collects personal data, they are required to give their clients all information on their identity and how they intend to use the information, using a privacy notice. This applies to accountancy firms too, and under GDPR, your firm will need to update the privacy notice you have in place with additional information, including lawful basis for processing the data, data retention period, and clients having the right to complain to the ICO if they think there is a problem with the way their data is being handled. GDPR requires this information to be provided in concise, and clear language, to make the process as easy as possible.
Appoint one and communicate about them. Give your clients the confidence you are not only compliant but a leader.
Speak to your clients about their own responsibly. Have they thought about it? Have they budgeted for any changes they may need to make? Are they following the same route as you are to compliance?
Do you hold any data that belongs to them outside of their own personal data (you clients’ clients?). If so, is it safe and compliant?
GDPR is a wide spanning regulation touching on various parts of all business; employees, processes, the technology that underpins the business and the activities the business partakes in. Steps you and your clients should consider as part of the journey from a business and a technology perspective are below. If you are conducting these activities why not share your plans with your clients and add extra value to your service offering?
The list can go on but by starting with these considerations you can see how vast this regulation can span when you consider the data accountants hold.
Ransomware arrives in the form of a link or a form of attachment. Opening the attachment starts the process of encrypting files and spreading the malware on the corporate network.
See the T-Tech Office 365 information pack, for everything on getting started with Office 365.
With GDPR fast approaching, it is important that your organisation has the right tools in place to protect itself from cyber attacks and the Cyber Essentials Plus certification is a good place to start.
Learn why adopting cloud computing is bringing business benefits both above and below the line. Join us for an exploratory session with our Chief Information Officer and Microsoft Azure experts to evaluate if a move to the cloud is the right fit for your business.
Whether you are already in the cloud or considering the move, join T-Tech for an open table discussion with our own cloud migration experts and Microsoft Azure specialists. We will explore the latest innovations within cloud and what they mean for the future of your IT infrastructure.
The General Data Protection Regulation (GDPR) is a European privacy law that will take effect as of 25 May 2018. The GDPR has stated that all companies take the data they hold seriously, and make changes to protect themselves from privacy and data breaches.
We see the GDPR as an opportunity to govern our data in the best way possible, and we want to help you improve processes across your business. The T-Tech GDPR guide and all you need to know about how to begin your journey to compliance.
In the last of a three-part series on GDPR on Accounting Web we lay the groundwork for accountants to communicate data-related changes to their clients.
Accountants hold particularly sensitive data on their clients. In the second of a three-part series on GDPR on Accounting Web, we want to provide practical advice and asks some questions you need to know the answers to in the future with relation to this updated regulation.
In the first of a three-part series on GDPR for Accounting Web, we look at why the regulation changes have come about, what they mean and how they will affect accountants.
T-Tech smashed their £10,000 target, as they embarked on a 5 day cycle and trek challenge in Israel, in aid of Norwood charity.
T-Tech Consultant Jessy Aspell looks at the importance of change management when implementing a new IT project within your organisation.
In less just over 3 months, the General Data Protection Regulation (GDPR) will come into force, changing the way we use, interact, and store personal data. Here are 10 useful facts that will give you the initial information you need to know.
Trying to control and maintain technology processes, without the right resources and expertise, alongside your daily duties, can be a real strain on your business. More and more SME's today are recognising the increasing need to grow their technology, to match the growing needs of their business.
See what our Managing Director, Daniel Teacher, has to say about the new GDPR, and how the responsibility for change and compliance is on you.