While researching possible MTD bridging software available from suppliers it seems essential that, to use it, one must grant that supplier with the authority to submit sensitive VAT data through that digital link. I am concerned that this could constitute a breach of confidentiality relating to a client's data. Do others consider this to be an issue that should be recognised or is paranoia creeping in? Should a client therefore also give specific authority for such action to be taken?
Replies (2)
Please login or register to join the discussion.
How do you feel about other software providers who you must use, who could also have access to your clients data?
I use about 5 programs all with keytime/iris, from time to time things go wrong they need to access the data.
You can't avoid it, all you can do is make sure you cover yourself.
As SXGuy says its the same for non bridging cloud providers. HMRC do have some hoops on security and cybersecurity that providers have to jump through.
For example there is a test as to the quality of the encryption. You can run the test for three providers by clicking on these links (you can run it for anyone you want)
https://www.ssllabs.com/ssltest/analyze.html?d=www.xero.com
Xero comes out as grade A
https://www.ssllabs.com/ssltest/analyze.html?d=www.sage.com
Sage comes out as grade A
https://www.ssllabs.com/ssltest/analyze.html?d=www.vat.direct
and Vat direct (a bridging provider) comes out as grade A+