At Wolters Kluwer we’re committed to helping our customers comply as efficiently as possible with GDPR.
Over the last six months, we’ve been working with external consultants to review our entire software suite and test its state of readiness. The good news for our customers is that our software is already fully able to meet their needs under GDPR.
That said, GDPR introduces a number of new and extended requirements that might cause businesses and other organisations additional work (for example, extracting data to comply with a data access request) so we’re enhancing our software to reduce the impact of the new regulations on our customers.
Over the coming months, we’ll be releasing updates to cover the following areas:
- Capturing and recording consent – Our CCH Central software will allow users to define the consents they want to keep and to record any other basis for processing personal data.
- Responding to information access requests – When clients request a copy of personal data, a single routine will allow practices to select the data to be included in the response and then to save this in a PDF or other human-readable format.
- Erasing data – Again, having a single routine to run across the database will make this potentially complex procedure much simpler. Records will either be deleted or, if there’s a legal requirement to retain the data, they’ll be marked to show that an erasure request has been received, hiding the data from standard users.
- Providing portable data – A single routine will allow users to select the data to be exported in response to a request under the new GDPR provision for data portability. This will massively reduce the time and effort of complying with such requests.
- Data retention – We’ll be making it easier for accountancy firms that use our software to implement consistent data retention policies.
- Audit trail – The audit trail will be extended to cover all records where changes and actions need to be tracked under GDPR.
- ‘Privacy by design’ – The highly configurable permissions and security model already at the heart of CCH Central will help our users meet the GDPR requirement of demonstrating ‘privacy by design.’
- External communications – Security and encryption are already embedded into our client portal technologies, which are being incorporated into our new online solution, CCH OneClick. These provide a simple and secure way of exchanging messages and documents with clients.
Coming on top of the inherent design strengths of CCH Central, these enhancements mean our customers will be well-placed to deal with GDPR. In fact, we believe we’re doing more than any other software vendor in our market to assist their users in becoming GDPR compliant.
If you’re not a Wolters Kluwer customer, you need to have a conversation now with your software supplier around these points. How easy will it be for you to respond to data access requests, or to provide data in a portable format? How will you capture and record consents? These are important issues to settle if your firm is to become GDPR compliant using your current software.
Software to help accountancy practices and their clients with GDPR compliance
We’ve partnered with a leading online solutions provider to support accountancy practices and their clients in their journey to initial compliance and ongoing governance.
CCH GDPR Compliance is a cloud-based system that brings together everything you need for GDPR in one place. Simple checklists and workflows generated by the software steer you through each aspect of compliance. The system helps you log, report and manage data breaches and it allows you to update all your privacy notices from a single location.