Skip to main content

Confirming customer confidentiality

Using a cloud-based accounting solution such as Big Red Cloud will ensure your financial data is accessible and secure, but it is equally important to take measures to protect other sensitive information.

Data protection is a fundamental right set out in Article 8 of the EU Charter of Fundamental Rights, which states that everyone has the right to the protection of their personal data and that such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned, or some other legitimate basis laid down by law. 

Organisations must have a lawful reason to process personal data, for example for the purposes of carrying out a contract.

Coming clean crucial

Data controllers are obliged to notify the Data Protection Commission (DPC) of any personal data breach, unless they are able to demonstrate that the personal breach is unlikely to result in a risk to a person’s rights and freedom.

Even when the breach is not notified to the DPC, controllers must record the basic details of the breach, the assessment of the breach, its effects, and the steps taken in response.

In instances where a breach might result in risk to the rights and freedom of data subjects, the controller must make a notification to the DPC no later than 72 hours after they became aware of it. They should be able to demonstrate when and how they became aware of the breach and how they assessed the potential risk.

Protecting your data

Accountants understand concepts such as confidentiality and privacy and can take the lessons they have learned from protecting client data and pass this onto their clients. One of the most effective measures for protecting client data is securing mailboxes, which in the typical organisation might contain many years’ worth of financial information.

Clients will be reassured by obvious signs that a firm takes data protection seriously, for example by making sure that computers are password protected and sensitive areas of the building are secured. Physical measures are an important part of building trust.

Proactive communication to clients about the security of your data and GDPR compliance will stand you in good stead – don’t wait for them to ask.

Trust the cloud

While companies will always be responsible for their own data security, partnering with a company that can add extra layers of protection while updating cybersecurity on their behalf takes some of the pressure off.

In the past, some businesses have been reluctant to trust cloud providers with their company information but in the last few years, service providers have worked hard to prove that the cloud is built on trust and that the industry will fail if they let their customers down.

It is important to remember that everyone has a role to play in protecting sensitive data. This approach enables cloud providers to focus on the integrity of their hardware and software solutions while ensuring that users of their services take their security responsibilities seriously. 

Marc O'Dwyer

After completing a Graduate program in Marketing, Marc’s impressive sales career began at Allied Irish Banks, Pitney Bowes and Panasonic where he received numerous Irish and European sales performance awards and consistently exceeded targets and expectations. In 1992, Marc’s entrepreneurial spirit led him to set up his own business, Irish International Sales (IIS). Initially, this company was a reseller for Take 5 Accounts and Payroll software. Within four years, IIS became the largest reseller of Take 5 in Ireland, acquiring four other Take 5 resellers. He also found time to set up two mobile phone shops under the Cellular World brand and a web design company offering website design services for small businesses. In 2001, he bought the majority share in a small Irish software business, Big Red Book. At that time, the company was losing money. The company became profitable within two months, and Marc then acquired a payroll company to compliment Big Red Books Accounting products. In 2003, IIS were appointed as Channel Partners with SAP for their new SME product, SAP Business One. Marc sold his Take 5 business and concentrated on developing this new market for SAP As a result, by 2007, IIS was recognised as the largest Channel Partner for SAP in EMEA (Europe Middle East and Africa). In 2008, the IIS Sales Manager bought the Company from Marc in an MBO. He launched Big red cloud in June 2012, the online version of big red book, to date the company successfully converts 59% of trials into sales and the number of customers is growing rapidly. Marc continues to run both Big Red Book and Big Red Cloud which now support 75,000 businesses. He is a very keen sportsman, having played rugby for 20 years, represented Leinster at under 16 and under 20 levels, and league squash with Fitzwilliam Lawn Tennis Club for 10 years. Marc has competed in 11 Marathons, including the London and Boston Marathons, and has completed several Triathlons and Half Ironman races. He has also completed six Ironman Races in Austria(x2), Frankfurt (Germany), Nice (France) , Mallorca (Spain) and Copenhagen (Denmark)

This site is registered on as a development site. Switch to a production site key to remove this banner.