Share this content
12

Submitting comp by email to HMRC post GDPR

Will HMRC bother to read if password protected?

Didn't find your answer?

I would welcome any thoughts as I am about to submit a NRCGT computation by email to the NRCGT Team at HMRC.  Obviously, to be compliant with GDPR, I am password protecting it and giving HMRC a big clue that the NINO is the password.

However, I have grave reservations that HMRC will even bother with it.  This would leave us with an incomplete NRCGT return!  I can see penalties coming on as the 30 day deadline expires on Sunday 3 June 2018!!!

We clearly have no choice but to password protect it and I have attached the computation to a strongly worded covering email telling HMRC to ring us by Friday if they have any issues with the password.  Has anyone else had to send anything by email to HMRC post GDPR?

Replies (12)

Please login or register to join the discussion.

By ireallyshouldknowthisbut
30th May 2018 18:17

Id go back and read the GDPR legislation again personally as you must have been asleep the first time.

Clue: at no point does it say you must password protect.

Thanks (0)
avatar
By Expat24
30th May 2018 18:51

@ireallyshouldknowthisbut
Hugely unhelpful. Do you have such a sad life that you spend (nay, waste) your time being so obtuse!

Thanks (1)
Replying to Expat24:
By ireallyshouldknowthisbut
31st May 2018 09:38

Mok.

I will try to remember not to help you in future, and leave you to do create imaginary problems caused by your own ignorance.

Thanks (0)
JCACE
By jcace
30th May 2018 19:39

If you are concerned that HMRC will not open a password protected file, then don't password protect it. You do have a choice. And I wouldn't rely on HMRC to respond in any kind of hurry.

Thanks (0)
avatar
By Wanderer
30th May 2018 20:05

Expat24 wrote:

I would welcome any thoughts as I am about to submit a NRCGT computation by email to the NRCGT Team at HMRC.  .......

...... I have attached the computation to a strongly worded covering email telling HMRC to ring us by Friday if they have any issues with the password. 

My thoughts are that a 'strongly worded covering email' is a complete waste of time. I doubt if anyone at HMRC will even read it in the timescales you mention let alone react favourably to a 'strongly worded e-mail'.

Why are you submitting by e-mail anyway? Why aren't you using the shortform:-
https://www.tax.service.gov.uk/shortforms/form/NRCGT_Return

Thanks (0)
Replying to Wanderer:
avatar
By Expat24
30th May 2018 20:15

I have used the structured email NRCGT return but am submitting the calculation itself by email as it was too complicated to do within the confines of this structured email vehicle that HMRC currently use as the NRCGT return.
"You must confirm how you are submitting your computation.
Please enter only one of the following options in the box below.
Self Assessment individual tax return - if you are deferring payment
Self Assessment Trust and Estate tax return - if you are deferring payment
Self Assessment non-resident company tax return - if you are deferring payment
ATED-related CGT return - if you are deferring payment
Other information - if you have shown your computation in the 'Other information’ section of this return
Email - if you are submitting your computation separately via email
Exempt - if you are a fund or company claiming exemption"

Thanks (0)
Replying to Expat24:
avatar
By Wanderer
30th May 2018 21:58

Just copy & paste the computation into the two "Other Information" boxes. They don't read those anyway as the format messes up. You've got 4,000 characters to play with & it is unlikely that the CGT comp can't fit into these.

Can't help but think you are over complicating this issue.

Thanks (0)
By Tim Vane
30th May 2018 20:14

@OP: Don't begin your post with the words "I would welcome any thoughts" if you are going to act like an ingrate to the first poster who responds. The "thought" that ireallyshouldknowthisbut was passing on was that your use of the words "Obviously, to be compliant with GDPR" and "We clearly have no choice" strongly suggests that you do not understand GDPR and should review your knowledge. Frankly, I concur with his thoughts and echo them. Perhaps you meant to begin your post with "I welcome any thoughts unless you disagree with me in which case I reserve the right to behave like a stroppy ingrate".

My guess is that HMRC email systems will strip off any password protected PDF files since their infosec systems will not be able to virus check them. What's wrong with sticking it in the post, or would you want to encrypt that too "for GDPR"?

Thanks (0)
Replying to Tim Vane:
By SteveHa
30th May 2018 22:05

To be fair, and whilst I not only agree with your sentiments, and have the greatest respect for you, I can see the OP's point.

GDPR is not the most thought through legislation to hit this continent, and has people across all industries confused about what they need to do to be compliant.

Short of reading the DPO's 112 page guide multiple times (which I have, and I'm still not entirely clear) there's been little to no guidance made publicly available and digestible.

Thanks (2)
avatar
By AnnAccountant
31st May 2018 08:23

Just get on with it

Thanks (0)
avatar
By Scraggy Aggy
06th Jul 2018 04:54

I'm a little bit stunned at my colleague's responses to this query which I happened upon as I had the same query. We are part of HMRC's "pilot" e-mail scheme which appears to have become a permanent "pilot". Under GDPR you cannot send a client's sensitive personal data via e-mail unless it is either protected or you have the client's informed consent, not just simple consent. You can stick whatever you like in snail mail. In this day and age when e-mails are getting intercepted and data used maliciously (happened to an e-mail a client sent to us with a document attached) we should be even more vigilant. I am aware that some government departments are not applying GDPR correctly and I am also concerned about how this should be dealt with.

Thanks (0)
Replying to Scraggy Aggy:
My photo
By Matrix
06th Jul 2018 07:21

Please advise where it says that encryption is mandatory. I thought it says you have to take appropriate measures which mainly means not sending the email to the wrong person.

I emailed HMRC an attachment and it was accepted recently.

Thanks (0)
Share this content

Related posts