Why should accountants take notice of GDPR?
Billed as the “most important change in data privacy regulation in 20 years”, GDPR took affect on 25 May 2018. So what is the regulation and why should accountants take notice?
What are the implications for accountants?
Accountants handle a vast amount of data – both client and employee – on a daily basis. Firms will need to ensure that their systems are robust enough to meet GDPR requirements and that the data is protected in line with GDPR provisions. To determine whether operations comply with GDPR, firms may need to carry our an audit on currenct procedures in order to identify if and where they fall short of GDPR standards.
By failing to comply, accountants leave themselves open to significant penalties. Organisations in breach of the regulation could be fined a standard penalty of €10m or 2% of annual global turnover, up to a maximum of 4% of annual global turnover, or €20m, whichever is greater.
As accountants position themselves as strategic advisers to clients, GDPR is an opportunity for firms to demonstrate to clients that they can securely hold and process information in line with data requirements, and that protection of client data is a priority for the practice. As a result, clients are likely to see their accountants as trusted professionals to whom they can entrust business and personal data, and with whom they can partner to drive their business forward.
Actions your firm needs to consider
- Understand where and how your firm uses and stores personal data of EU individuals.
- Review the regulation with technology professionals and legal counsel to understand your firms’ obligations as a controller or processor of personal data.
- Implement a compliance and monitoring plan.
- Review your existing security controls.
- Assess your third parties’ personal data security standards.
- Be prepared to report data breaches promptly, and within 72 hours
Contact Us
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.
Recent blogs
Ethical Data Marketing in Canada: Balancing Innovation and Privacy
In the dynamic landscape of modern marketing, data has emerged as a powerful tool, offering insight
Protecting Data in Oz: Avoiding Costly Violation Penalties
In the digital age, data is a treasure trove of information that drives businesses and empowers inn
Managing the Role of the EU Representative in the USA in 2023
Since the enactment of the GDPR, US organizations have been benefitting from the role of the GDPR r