Brought to you by
brightpay

The payroll solution that provides all you need for Auto Enrolment.

Share this content

How one accountancy service provider prioritised security & data protection

1st Jul 2022
Brought to you by
brightpay

The payroll solution that provides all you need for Auto Enrolment.

Share this content

Online security is a concern for all businesses. The huge rise in phishing attacks over the past two years has made sure we’re all aware of the threat of malware to our personal and business devices. Earlier this year HMRC reported a surge of 87% in HMRC-branded phishing scams during the 2020-21 period. It’s not simply phishing emails that have risen in use. It’s also SMS texts with harmful links, phone calls and voice messages looking to con people out of their money. The damage of malware to a business’s operations can be severe. It can cost money, prevent a business from delivering their services, and damage their relationship with their customers.  

How can businesses implement tighter security when it comes to payroll?  

When it comes to payroll, security is critical. You are dealing with your clients and their employees’ most sensitive information. Most likely, you will have their contact information, their addresses, banking information, salary information, and more. Malware may prevent you from processing payroll on time for your clients or even worse, their data may be stolen.  

When we recently spoke to a customer about their reasons for moving to BrightPay Payroll Software, it was not surprising to hear the topic of security and GDPR come up. Annamarie Angel, Director of Deadline Accounting, an outsourced accountancy service provider, switched to BrightPay in 2017. When changing to her new payroll software provider, she made sure to look at what type of security was offered and how it would protect her and her clients.  

“One of the really big things was security. That was one of the things I took up with BrightPay before we started using the software. I did specifically question you [BrightPay] around data protection and what the security systems are.” 

How does BrightPay help with online security and GDPR?  

Annamarie uses BrightPay and the cloud add-on, BrightPay Connect, to deliver payroll services to her clients. BrightPay Connect, offers a wide range of payroll and HR features that make the payroll process quicker and easier. It allows your client to access the payroll information, payroll reports, view amounts due to HMRC, and allows their employees to request annual leave and view their payslips. It was also specifically designed to help businesses comply with GDPR.  

How does BrightPay help with online security and your compliance with GDPR?  

online security gdpr

Data Encryption 

By using BrightPay Connect, Annamarie immediately reduces the risk of losing data as it automatically backs up the payroll information to the cloud. Data backed up to BrightPay Connect is encrypted using SSL (an encryption-based Internet security protocol). The data is stored securely within Microsoft Azure data stores, access to which is tightly restricted to a limited set of servers and IP addresses. If the payroll data on your own device is compromised, it should be worthless as many of the key fields (e.g. NI number, names, bank details) are encrypted within the software.  

“We can share information, we can liaise with the client, we can send each other comments, and send each other information and know that it is on a secure portal.” – Annamarie Angell  

Two-factor authentication 

BrightPay Connect also offers two-factor authentication. When enabled, any client who tries to sign into BrightPay Connect will need to enter a security code which will be sent to them via email or text. Two-factor authentication is a second layer of protection to re-confirm the identity of users logging into Connect through an internet browser or though Brightpay. This provides an extra layer of security in the event of the user’s password being stolen. 

GDPR:  

As you likely know, the General Data Protection Regulation (GDPR) is the data protection law that came into effect in 2018 in the European Union. It has since been incorporated into UK law and is now known as UK GDPR. The purpose of the GDPR is to protect citizen’s personal data. How businesses collect, store, and share their customers’ information must comply with it.  

If you’re processing payroll, it’s likely you have a lot of personal information collected about your client and their employees. BrightPay Connect offers an easy way of managing this information to ensure you comply with the requirements set out by the GDPR.  

  • If you email payslips to employees, they must be password protected. To simplify and quicken this process up, you can use BrightPay Connect to send payslips to employees’ self-service dashboard. By using a secure cloud portal such as this, you are complying with  GDPR.  

  • The GDPR legislation includes a best practice recommendation, whereby organisations provide individuals with remote access to a secure system, which would give them direct access to their personal information. BrightPay Connect’s employee app allows your clients’ employees to access their personal information at any time, from anywhere. It also allows them to request to edit it.  

  • With BrightPay Connect, the data you gather is the all the data you require to process payroll. You cannot gather more information than necessary, and potentially run afoul of GDPR.  

  • BrightPay Connect’s user management system makes it easy to manage who has access to the client’s payroll information and who does not. You can decide who on your team can access it and who on the client’s team can access it, and to what degree. This means you have both flexibility and security over access to the client’s payroll data.    

What else can BrightPay Connect do?  

Annamarie and her colleagues at Deadline Accounting use BrightPay Connect to communicate with their clients. They use the payroll entry request feature to request their clients add payments, additions, and deductions for each pay period. Their clients also use it to approve the final payroll summary before it is processed.  

“It saves us so much time because for a start, the clients put in the figures themselves, which of course reduces the chances of any input errors. Before this we used to have to manually key the figures in ourselves and there was always that risk of putting the wrong figure into the wrong pay element”. 

If you’re interested in learning more, book your free BrightPay Connect demo.