Is your client spreadsheet a GDPR risk?
A spreadsheet might be a convenient place to store information about your clients but are you confident that your spreadsheets are secure enough to comply with GDPR, the European Union’s strict data privacy and security legislation? Here are four reasons why you might want to consider using an alternative to spreadsheets for storing information about your clients.
1. Spreadsheets are insecure
Spreadsheets are designed to store, edit, organise and sort through data. They’re simple to copy and share with your coworkers, which means that you can easily end up with a sprawl of poorly maintained spreadsheets that are full of sensitive data.
With information held in spreadsheets it can also be difficult to demonstrate that you have taken the proper precautions to secure data in the event of a breach. Even with password protection, spreadsheets can be copied and saved by anyone with access, which unfortunately leaves them vulnerable to abuse.
2. Spreadsheets are difficult to maintain
GDPR legislation requires that any personal data you hold must be accurate, complete and corrected when it’s not. Unfortunately human error is rife in spreadsheets; a study by Salesforce found that 88% of spreadsheets contained at least one error.
As an accountant or bookkeeper, you're probably more likely to keep information accurate and up to date than those in most other professions. However, spreadsheets are notoriously unreliable and there have been many high-profile cases where mistakes in spreadsheets have had costly repercussions.
3. It can be difficult to keep tabs on spreadsheets
GDPR rules require you to delete any personal information that you hold about your clients if they stop using your services or request that their information is deleted. If you share your client data with your colleagues, there could be numerous different versions of your spreadsheets floating around and no way of knowing which one is the most up to date. You could end up holding information about clients in spreadsheets that you don’t even know exist, which would make it impossible to delete the data if required.
4. Spreadsheets can be tricky to collate
According to the guidelines from the Information Commissioner’s Office (ICO), you’re required to share all the information you hold about a client with them if they request it. You also need to respond with the data within a month of the request. Even if you’re able to track down all the spreadsheets containing a client’s personal data, if the information is spread across a number of versions it can be both tricky and time-consuming to pull it all together before the deadline.
An easier way to keep your clients’ data secure
With so many insecurities in spreadsheets you might be wondering how you can make your record keeping more secure. Switching to cloud-based software might be the best option for your practice.
Stay safe in the cloud
Storing your clients’ personal data in cloud accounting software like FreeAgent is a safe way to ensure that your security processes are more robust. Unlike spreadsheets, FreeAgent makes it easy to maintain up-to-date client records. Any time you update a client’s information, the software will ensure that the data is updated in every relevant location in FreeAgent.
The ‘export all data’ feature makes it easy to gather and export all the data that you hold for a client and ensure there’s no sensitive information left lurking in hidden files. You can also use FreeAgent to quickly and easily remove your access to a client's data if they ask for their information to be permanently removed from your records.