The General Data Protection Regulation (GDPR) came into effect on 25 May 2018, overhauling the way businesses handle data across Europe.
Even if this wasn’t on your radar before it came into force, you probably didn’t miss the flurry of emails about privacy policies and mailing lists on and around that date.
As a business owner, it’s important not to forget about the requirements now the deadline has passed, and to keep applying the principles across all the work you do.
What is GDPR?
GDPR is an EU law which is intended to give individuals greater control over their personal data.
It affects organisations of all types and sizes, as it applies to any company that handles the data of EU citizens.
What are the effects?
It’s hard to measure the effects GDPR has had so far, but the rules are designed to bring older regulations on data protection up to date with modern technology.
As such, we should see an improvement on the way data has been handled in the past, with organisations held more accountable for the way they deal with personal data.
This is not only an opportunity for businesses to examine and update their data protection practices, but should also give customers more reason to trust them with their data.
Is my accounting software compliant?
The rules have come about in response to rapid technological change – and accounting software is no exception, with an increasing volume of financial data being stored digitally.
The records you collect using this software could include personal data on the people your business deals with, so it makes sense to ask whether the software you use is GDPR-compliant.
Unfortunately, there’s no simple answer to this question at this moment in time.
While many providers have adjusted their software to suit GDPR requirements, it’s still up to each business to make sure it’s handling data in the right way.
This means integrating data security and privacy across all your systems and processes, which is not something a single piece of software can ensure.
That’s not to say there’s no point in thinking about data protection in your software, though.
Part of minimising risks in your data processing is choosing secure software which follows the principles of ‘data protection by design and by default’.
We offer our clients Xero accounting software, which protects data with encryption, has multiple layers of firewalls and military-style security at all its server locations.
Xero has also put a series of new measures in place in line with GDPR requirements, including data tracking and records. You can read more about them here.
Still unsure?
If you’re still not 100% clear on GDPR, there’s no need to panic.
The Information Commissioner’s Office, which is responsible for enforcing the rules in the UK, has published a series of guides and blogs on the regulation.
If you can’t find the information you need online, you can also contact their helpline.
We can’t offer you advice about GDPR, but get in touch if you’d like to discuss any other issues related to your business.