If, on the off-chance GDPR has somehow passed you by, and it’s not as unusual as you would think. We thought we would give you a quick overview of GDPR, how it has impacted us at Diagnostax and how it may impact your firm in the future.
So, what Is GDPR?
On a sunny afternoon in April 2016 the EU announced the General Data Protection Regulation. A regulation that would change the way data was handled by companies forever.
Designed to update and align current data protection laws across the continent. The new regulation gives greater rights and protection to the individual when it comes to their personal data and gives greater sanctions to companies that don’t align with the law. Companies in breach of the regulation could be fined up to €20 million or 4% of global turnover.
At Diagnostax we have been preparing for GDPR for a while, so we thought we would share some of the things we have learnt along with way. It’s important to note, that the regulation is all about people. And whether we like it or not, very often people are reluctant to change.
Regardless of the company you work for, making changes to policies and working on new procedures is not the most fun thing, but it must be done.
So you’re thinking: What does this mean to me?
To meet the new standard, you may have to make some big changes to your existing policies and enforce new rules to make sure that you are fair and honest, especially when it comes to collecting data in the future. Some firms may need to carry out an audit on current procedures to identify, if and where, they fall short of GDPR standards.
“Look at what priorities you need to put in place, as for many businesses including accountants, itis getting started.” – Glenn Pearson, Director at Augmentum Business Solutions
When it comes to collecting data always ask “why?”, what is the purpose of the data you are asking for and is it necessary? If you can’t justify the reason for collecting the data, don’t.
Just like the onboarding of technology within your firm there are far more positives than negatives. GDPR is all about respect. And respect can only be a good thing.
Take this as an opportunity to build better relationships with your clients.
It’s about trust, and being transparent, tell your clients why you need the data you are asking for.
GDPR offers you the opportunity to become a valued and trusted advisor to your clients, allowing you to prove your compliance with the data protection law, and show you respect and care about their personal data. As a result, clients are likely to see you as trusted professionals to whom they can entrust business and personal data, and with whom they can partner to drive their business forward.
How do I make my clients aware of the other services we offer?
Our marketing team have spent – some would say -too many hours sifting through legislation and turning our policies on their head, to ensure we can be as transparent and as open as possible.
GDPR doesn’t mean you must start afresh completely. Consent and legitimate interests are key considerations when assessing the use of personal data for marketing purposes.
If you choose consent, make it clear and easy to understand, no sneaky pre-ticked boxes or hidden unsubscribe button on emails.
When contacting your clients for marketing, it is important to consider legitimate interest. This basically means you must be able to state a clear case for contacting your clients for reasons other those they have given you specific consent for. For example, informing your clients about a new service your firm offers may be covered by legitimate interest, as it is in their interest to be made aware of this information.
So who should I listen to?
Although, we’ve given a little bit of guidance above. The biggest lesson we have learnt, is don’t follow other people’s guidance. This has the potential to be fatal. Remember, this is your data and your journey. The most valuable tip we can give to you, is familiarise yourself with the official guidance.
The below links are helpful:
Diagnostax legal disclaimer
The information contained here is for general guidance purposes only. It should not be taken for, nor is it intended as, legal advice. We would like to stress that there is no substitute for customers making their own detailed investigations or seeking their own legal advice if they are unsure about the implications of the GDPR on their businesses.
Diagnostax is here to help you realise your future potential and generate success for your firm by embracing digital transformation. Our tax diagnostic software represents the next big opportunity for your practice, in terms of realising greater efficiencies, and expanding your services to add greater value to your clients.
Never worry, we hold your data with the greatest of respect, our Information Security Manager explains more about our information security management standards. Read more here.
Read more from Diagnostax