Share this content
0
4314

GDPR - File Transfer

GDPR Compliant way of transferring files between Accountant and Client

Didn't find your answer?

Search AccountingWEB

I've been thinking recently about ensuring the files I transfer to my clients are properly protected, particularly in light of the incoming GDPR regulations. I can achieve this relatively easily using encrypted ZIP files, with security further enhanced by texting the password and emailing the actual file (etc.)

In parrticular I have been considering the security implications for me clients transferring their information to me. Do I need to take responsibility for how securely they transfer their information? If I'm asking them to provide me with information like passport numbers, NI numbers and so on do I need to make sure they transfer this information securely to me, or do they take ownership of this?

A fair few of my clients are not massively tech savvy - part of the reason they use me. I have considered using some sort of secure file transfer system. I had a look at Accountancymanager and Senta, as they contain this feature - alongside having practice management tools. The problem is as a micro practice with only 40 odd clients they seem like a little bit of overkill for me. Looking at the workflow generated by them I think I might end up taking up much more of my time than my current  digital to do list (I use Toodledo - cloud based and free for the version I use and has various recurring task options). Considering that it seems like a lot of money £20 - 40 per month (+ non-recoverable VAT) to spend for just the document transfer.

Is anybody else using any secure file transfer options to communicate with clients (in both directions)? I considered using Google Drive - but then people have to sign up for their own google account. This is partly the same with Senta and AM - but at least I can control that and issue them a login etc.

Replies

Please login or register to join the discussion.

avatar
05th Mar 2018 13:36

I'm currently trialling MyDocSafe.

Thanks (0)
By nodhedz
05th Mar 2018 15:40

I’m using google drive. The sign up process for clients is fairly easy and they can assign their existing email address to sign in rather than the gmail one they would get given.

Thanks (0)
05th Mar 2018 18:21

It's up to the client to decide how they send you stuff.

For the most private stuff like accounts, tax returns (and data) as well as AML ID stuff that I transmit, I use Iris Openspace, it's free and has an electronic approval feature. Clients can send stuff via it as well, but only a couple of mine bother.

It's limited on storage but I don't use it to archive, ie nothing older than a year, and have never got anywhere near the limit.

I use Google for business for everything I do, sharing some stuff with other clients that use G Drive but, like any such provider, you have to make sure they guarantee GDPR compliance, especially as their servers are not in the EU. They have their privacy policies on site and I'm sure will be compliant by D day.

Thanks (0)
avatar
By MattG
05th Mar 2018 21:03

Thanks for your responses.

I looked at MyDocSafe and it seemed like it would cost about as much as the practice management software I was looking at but for just the documents element.

I'll have to have a play with the Google Drive options - I currently pay for it anyway (not that it costs much) so I might as well take advantage.

Paul - Iris Openspace - is that a free trial, or indefinitley? Is it just free for Iris customers? I wouldn't have associated Iris with a free product, unless it's a loss leader to try to sell you their other products.

Thanks (0)
to MattG
06th Mar 2018 01:43
Thanks (1)
avatar
By MattG
06th Mar 2018 13:29

Thanks Paul, I'll check it out. I've had a play with Google Drive and that seems fairly easy, though having digital signatures might be nice. It really comes down to which is the easiest for my clients to use.

Thanks (0)
06th Mar 2018 21:29

Have a look at this thread. https://www.accountingweb.co.uk/any-answers/virtual-desktops-or-cloud-ho...

Starts about hosted systems and then moves in to file transfer.

I would suggest pCloud.

Thanks (0)
avatar
08th Mar 2018 12:29

Accountancy Manager will work if you want to share key files with clients and esign
www.accountancymanager.co.uk

Thanks (0)
avatar
08th Mar 2018 12:43

We use sync.com for all our client files - it works like Dropbox, but has the advantage of being far more secure with options for encryption. While we are on the business package there is a free-for-ever starter package. A further advantage is that it can be installed on a PC or Mac as a folder and we get our clients to work there so there is no need to transfer files. And, in the event of that PC or Mac gets lost or stolen, it can remotely deactivated from sync.com

Thanks (0)
avatar
to reconynge
09th Mar 2018 08:42

Yes - I also use sync.com. Found them very good and very responsive on the few occasions I have contacted them. Based in Canada.

Thanks (1)
avatar
08th Mar 2018 13:57

Have a look at sharefile - this incrypts emails

Thanks (0)
avatar
08th Mar 2018 22:08

My company provides simple secure encrypted file transfer and secure encrypted email software for £20 a year plus VAT.
We provide this to other accountants and payroll bureaus to help our clients meet their requirements for GDPR compliance.
Our servers are located in the EU and the UK

www.sslpost.com

Thanks (0)
14th Mar 2018 18:14

I presume Google Drive is ok because clients can send files to their client folder in GD which I can then share the file with the relevant members of my team dealing with it.

Thanks (0)
to Counting numbers
03rd Apr 2018 15:09

You can share files or folders but, unlike say Dropbox, you can also collaborate, editing, leaving comments etc etc with anyone with a Google login receiving notifications of changes/comments.

This has been so helpful if I'm working with clients keeping their books on spreadsheet (Google sheet) or if I need to ask them a set of queries for their accounts or tax return.

Thanks (0)
03rd Apr 2018 13:55

The only problem with Google Drive is their servers are out of the EU (think in the US) which is a whole other kettle of fish in regards to GDPR, so I am not so sure they will have their regulations in check for D day!

Thanks (0)
to MalloryE
03rd Apr 2018 15:10

They will be compliant, or rather I'm not losing any sleep:
https://cloud.google.com/security/gdpr/

Thanks (1)
Share this content