Free GDPR Checklist
The questions in this free checklist are intended to help you assess how well your data security and usage controls compare to the GDPR requirements and help identify areas for improvement.
The questions in this free checklist are intended to help you assess how well your data security and usage controls compare to the GDPR requirements and help identify areas for improvement.
Helping you with your GDPR implementation, here are some final steps every accountancy firm can take to ensure they are GDPR compliant by 25 May 2018.
What to do next
Clients may look to you for advice and, depending on their business, implementation could require considerable time and monetary investment on their part to ensure that they are compliant. Clients can benefit from your own implementation experiences.
For more practical hints and tips on data protection and to get you started on your preparations for 25 May, please come to one of our series of courses on the ‘General Data Protection Regulation – What Accountants Need to Know’ at the Talbot Hotel, Stillorgan, County Dublin on one of the following dates:
Wednesday 18 April 2018 2pm to 5pm
For more information on our other upcoming courses click here
Helping you with your GDPR implementation, here are some steps every accountancy firm can take to ensure they are GDPR compliant by 25 May 2018.
What to do now
This requirement is quite far reaching when you think about it – accounting and tax software, audit software, payroll software, practice management systems, network drives, C and D drives and of course, paper accounting, tax, company secretarial and audit files.
The review will need to extend to the many individual devices on which information is stored – e.g. laptops, desktops, tablets, phones and memory sticks. You can’t put processes in place until you know what you’ve got and where it’s located.
Most good IT support firms and software houses will be ready to guide you through the technical bits. You will need to check contracts with third parties who hold data on your behalf, including software providers and cloud-based services (known in the legislation as data processors). It will be important to understand where they hold the data and to ensure that they are GDPR compliant.
For more practical hints and tips on data protection and to get you started on your preparations for 25 May, please come to one of our series of courses on the ‘General Data Protection Regulation – What Accountants Need to Know’ at the Talbot Hotel, Stillorgan, County Dublin on one of the following dates:
Wednesday 18 April 2018 2pm to 5pm
For more information on our other upcoming courses click here
The 25 May 2018 deadline for GDPR implementation looms ever closer.
It is vital that all accountants and their clients have at least a basic understanding of the new Data Protection Regulation (GDPR) that will come into effect from 25 May 2018.
Here is another in our continuing series of tips on how bet to implement the new rules.
Right to be forgotten
GDPR introduces a new ‘right to be forgotten’ giving individuals (essentially former clients and employees) the right to request for all their personal data to be deleted.
How does this affect the typical accountancy firm holding data for money laundering identity checks and information held within the firm’s own accounting records?
It has been confirmed that this new right is overridden by statute – i.e. an individual cannot require you to delete information from your due diligence and internal accounting records, when there is an overriding statutory requirement for holding that data.
Although how much personal data you would hold for accounting purposes is questionable. However, if you’re holding information over and above what’s required by law (five years after the client has left the firm, for AML purposes for example) for some other purpose, then you would have to consider the legal basis and the individual’s rights.
For more practical hints and tips on data protection and to get you started on your preparations for 25 May, please come to our course on the ‘General Data Protection Regulation – What Accountants Need to Know’ at the Talbot Hotel, Stillorgan, County Dublin on the following date:
For more information on our other upcoming courses click here
Small accountancy practices, like any other SME will need to ensure they have written policies and procedures in place on time to implement the requirements of the GDPR by 25 May.
Here are some more ideas for some practical implementation steps firms may be able to take.
Privacy notices
Privacy notices are used to inform individuals that you hold their data, how, why, where it’s held and their rights. You can provide this information in various ways e.g.:
Guidelines from the Data Protection Commissioner require privacy notices to be clear, concise, and easily accessible.
Current wording in the above documents is likely to refer to The Data Protection Acts 1988 and 2013 and is unlikely to comply with the new requirements and will require revision.
For more practical hints and tips on data protection and to get you started on your preparations for 25 May, please come to one of our series of courses on the ‘General Data Protection Regulation – What Accountants Need to Know’ at the Talbot Hotel, Stillorgan, County Dublin on one of the following dates:
Wednesday 18 April 2018 2pm to 5pm
For more information on our other upcoming courses click here