Research is highlighting a worrying trend of accountancy firms not understanding the challenges and urgency of GDPR compliance.
Despite 72 per cent of accountants stating their practice will be compliant come the 25th May 2018 deadline, only a quarter have procedures in place to detect, report and investigate personal data breaches.
There are of course many professionals concerned by the upcoming legislative changes and the research, conducted by IRIS, has revealed many are unconfident in the fundamentals which will impact accountancy professionals. 54 per cent are unsure if employees can apply the principles of personal data protection while 52 per cent are unsure their company can demonstrate they have the necessary basis to hold client data in their systems.
Sion Lewis, CEO at IRIS Accountancy Solutions, says, “We are pleased to see that many accountants are aware of the GDPR legislation and confident they will be compliant by the May 2018 deadline. Accountants have long since recognised they hold very sensitive client data that must be safeguarded. However, there is clearly work which still needs to be done and many are underestimating the task ahead.
“Our job is to provide clarity and alleviate accountants’ concerns, by helping them prepare and provide access to the products and services that will assist with GDPR compliance. It’s all part of respecting their clients’ right to privacy and safeguarding the relationships they have with them.”
The dichotomy in compliance was also evident in the findings, with 47 per cent predominately using email to share data with clients and 40 per cent using paper to store client information within the practice; highlighting the need for many to digitise to increase security levels.
It’s not only their own firm accountants need to consider however, as compliance is equally vital for their clients’ customer base. It’s therefore worrying 43 per cent of accountants are yet to discuss the upcoming legislation with their clients despite there being less than 7 months until compliance is mandatory.
Sion Lewis continues, “Preparation, education and action is needed now to become compliant. IRIS is providing customers with support, training and access to skilled professionals to advise how their practices need to prepare themselves and their clients for GDPR. With fines for the most serious infringements having the potential to hit €20 million or four per cent of a business’ global turnover, the time has come to be ready for GDPR and take advantage of the support available to ensure both accountants and their clients are prepared in advance of next May.”