I’ve been looking at the changes to the data protection regulations that will be kicking in May 2018 – the so-called General Data Protection Regulation (GDPR).
I’m afraid that practitioners will need to reconsider their data management routines as the GDPR does introduce many new tasks. In the fullness of time, clients may also need their help, and being able to offer a data audit may be a profitable new side-line?
For example, the GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This is wider than the DPA’s definition and could include chronologically ordered sets of manual records containing personal data.
The Information Commissioner’s Office (ICO) is already promoting systems changes in readiness for the May 2018 commencement date. Countless consultancies are springing up to offer rehashed versions such that you are GDPR compliant.
You will need to revise the Privacy Notice on your website, and consider including relevant changes to your engagement letters. You may need to appoint a Data Protection Officer (shades of MLRO?), document your data management systems and be ready to delete client’s data from your systems if this is what they desire.
During the next month, we will be adding tutorials to our online learning service, that offer some insights into these changes as well as keeping pace with tax updates as they occur.
If you would like to see how our online services could help you and your staff keep ahead of changing circumstances, and communicate these to your clients and prospects, message us any time for a demonstration.