As accounting data will include personal data, once the period for retention has passed, the business should be able to instruct the cloud app provider to delete the data.
I've been having "discussions" with one of my providers over this as they can't currently do it, meaning the business would have to go through every customer, supplier or employee record and manually change the personal data so that it's not identfiable to any one person.
Anyone else had similar discussions or confirmed that their providers can do it?
Replies (8)
Please login or register to join the discussion.
I haven't seen the need to have these discussions as all the data we hold ourselves are for legitimate, contractual and legal purposes.
Have you got a scenario that a practice may encounter where personal data needs to be deleted?
I see your point. Whether cloud or hosted, our financial software keeps transactions and therefore personal data going way back. However I am keeping that financial data from 2011 and earlier as it forms part of my accounts and my sales ledger which goes back to day one. There are legitimate reasons to have that data and HMRC can go back as far as they like in certain circumstances.
As I have kept this data secure and not used it as part of any marketing then I won't have an issue.
I'm not aware of the ability, at least with the main products I/we use.
FreeAgent only recently added the ability to "hide" old users (eg so when adding a new business expense paid personally I can't inadvertently allocate it to a staff member who left a few years ago!). However I think their general rule is that all the data is always there under the bonnet.
You're right though, for older data where any arguments of needing for HMRC/AML purposes are gone, we should be able to delete it completely.
I'm sure this will be one of many things where full compatibility with GDPR will only come gradually over the next few years, as even those businesses that think they're fully compliant probably have multiple scenarios they haven't yet thought of where they're not.
SageBusinessCloud accounting and payroll both provide this exact functionality for its users... see below link.
It's a very salient point.
Best short terms solution I can think of is to change customer name to "Oldcustomer_1", delete address and contact fields, and leave it for sixty days or something like that to work through the backup cycle.