This is an article I wrote for ACCA’s In Practice publication, (to be included in the April 2018 edition).
The real threat of GDPR non-compliance is loss of business
With just under two months to the 25 May 2018, the GDPR compliance deadline, I suggest that practitioners who have not yet tackled the thorny issues raised by the new regulations make a start.
Much has been written in summary format about the practical steps required to achieve compliance; having applied myself to the task for my own small practice, I can report that this is not a process for the faint-hearted.
But this article is not about the detailed work you will need to complete, it is about the real threat to your practice if you don’t become GDPR compliant.
The GDPR aims to protect the rights of individuals to manage the way that third parties acquire, retain and disseminate their personal data. All businesses in the UK are required to comply. Publicity regarding the GDPR has tended to stress the financial penalties if organisation abuse these new regulations and rights. It occurs to me that there is a much bigger threat for practices, and their clients, to consider.
Your clients will also be affected by these changes, as will your suppliers and the numerous connections we all have in our supply chains. We will all need to become compliant. And when we share our personal data, or personal data under our direct management, we will need to know that the person or organisation that we are sharing the data with is also GDPR compliant.
If practitioners have not yet received a direct request from clients to confirm that the practice is GDPR compliant, they will do… And if you cannot provide assurance that you are compliant, clients will have no choice but to seek an alternative advisor who is…
How do you become compliant?
Bob Edwards has formed a joint venture with GDPR Auditing Ltd and they have created a GDPR Workbook and guides that will see practitioners through the labyrinth of tasks that need to be completed. You can see what they have created here or you can contact Bob by email at: firstname.lastname@example.org.
Much of the detail has already been pre-filled for you…