Read our FAQs and the latest guidance on Data protection and GDPR.
Updated guidance from the ICO
This guide summarises the general erasure obligations set out in GDPR, the exceptions available under GDPR and the DPA 2018 and provides practical interpretation of these in relation to various example service offerings that may be provided by ICAEW members.
The Data Protection Act 2018 (DPA 2018) came into force on 25 May 2018 to replace the Data Protection Act 1998. It sits alongside the General Data Protection Regulation (GDPR). This guide is part of a series that explain some of the new or more difficult concepts introduced by the DPA 2018 and the GDPR.
This guide summarises the general transparency obligations set out in GDPR, the exceptions available under GDPR and the DPA 2018 and provides practical interpretation of these in relation to various example service offerings that may be provided by ICAEW members.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
This example password/pass phrase policy could be used by an organisation to help protect client and employee data. It is jointly published by ICAEW's Business Law and Tech Faculty.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to make their own assessment whether they act as a data processor or data controller under the GDPR.
Find out whether you should consider encrypting your data, how encryption works in practice and what types of appropriate technical and organisational measures are common.
These FAQs consider the impact of GDPR and how affects accountants, including what is now included in personal data, how to prove accountability, as well as when and how ‘consent’ can be used as a lawful basis for processing. It explains the new responsibilities of data processors under GDPR as well as the role and responsibilities of data controllers.
This guide outlines the issues the General Data Protection Regulation (GDPR) raises for the trustees of pension funds, including their dealings with administrators and auditors. It is part of a series designed to answer the questions that members have been asking about the GDPR.
FAQs for insolvency practitioners on the General Data Protection Regulations (GDPR).
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR as it relates to client files applied to common situations experienced by a member.
Use this checklist to help your organisation to prepare for GDPR.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR in relation to the rights of an individual.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR in relation to communicating safely with clients.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand the requirements of the GDPR in relation to lawful basis for processing.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Helpsheet issued by ICAEW’s Technical Advisory Service to help ICAEW members to understand how data mapping and documentation can assist in meeting the requirements of the GDPR.
Premium Content: This is exclusive item - please log in or subscribe to view this item.
Technical helpsheet issued to help ICAEW members understand the requirements of the GDPR in relation to a data breach. Detailed guidance is available from the Information Commissioner’s Office (ICO).
Go through this checklist to make sure you're ready for the introduction of GDPR. The checklist includes: appointing someone senior to oversee the process, reviewing existing information and cyber security, mapping your data, reviewing contracts with clients, suppliers (anyone who processes your data) and employees, drafting data protection policies and procedures, and training staff.
These FAQs give accountants an overview of GDPR. It includes questions on how it differs from the current data protection approach, who will have to comply with it and whether Brexit will have an effect. It also explains key terms and concepts, including the accountability principle, the responsibilities of data processors, what a data protection officer is, and issues around data privacy.
The Serious and Organised Crime Agency (SOCA) takes the need to protect the confidentiality of reporters very seriously. Access to Suspicious Activity Reports (SAR) information is conditional on compliance with Home Office issued guidance.