Data Protection - The Book-keepers Forum (UK)

gerry · Senior Member

Data Protection

BackOfficeGroup · Guru

Yep, you should be registered under the Data Protection Act if you handle private and confidential information regarding your clients, which I'm sure you do.

You can register online www.ico.gov.uk

P

gerry · Senior Member

Thank you for this.

Much apprecaited

gerry

brog13 · Veteran Member

............except following another earlier thread, when this was debated, I phoned The Data Protection Agency up, and they said bookkeepers did not have to register - but could if they wanted.

Does anyone know if the situation has now changed?

Babs

lor · Guru

I hope this isn't the case I haven't registered yet for it, and haven't been aware of needing to either!

semsley · Guru

You need to register only if you keep recorded in either a manual or computerised system personal data.

Amy8n · Veteran Member

At an ICB seminar I attended recently we were advised that if you provided just basic bookkeeping then you did not need to be registered but if you carried out analysis of clients accounts then you must be register. As such, I registered and it was a very straightforward process.

Vinod · Newbie

It is not necessary that you have to be registered, it is up to you whether you want register or not

BackOfficeGroup · Guru

I would imagine that you would hold personal data on all clients as this is part of the MLR. Also if you supply payroll, then you would hold personal data for all the employees of your clients also.

Or maybe I'm seeing this wrongly?

P

gerry · Senior Member

Hi

Okay, it seems like there are mixed views on this.

I have delved a bit deeper and discovered that "The Data Protection Act requires that all public and private organisations are legally obliged to protect any personal information they hold, and applies to all firms holding information about living individuals in electronic or paper format. As a bookeeper one would hold personal data about clients, and therfore must notify the Information Commissioner of this. Failure to notify is a criminal offence"

I, like Backofficegroup, would have thought MLR data and payroll are both personal data which would fall under this.

I thank you for your comments and think I will phone the ICO to find out more.

I don't want to register if I don't need to but then if I don't want to be caught out if it is something I should do.

If I get an answer I will post back their reply.

Many thanks for your replies

gerry

gerry · Senior Member

Ah interesting.

I called ICO and as bookeepers we do not need to register. We are the processors of information that is then returned to the client, we are not the controllers of this information as we do not own the data, the client does.

Payroll, staff information and Invoices are exempt anyway. MLR information held is part of business purposes and therefore also exempt.

One would need to register if they were collecting data via a database and passing this information on to a 3rd party.

How bizarre that my earlier "delve" said yes, we need to but the ICO said no, we don't. No wonder we're confused. I'm going with the ICO answer.

I hope this clarifies the issue.

Gerry

BackOfficeGroup · Guru

Its amazing this bureaucratic stuff.

So we can hold personal data, but because its not ours, we do not have to be registered. So we hold the data, use our systems to hold the data but because we do not 'own' the data, its ok?

Nice to know, thanks for that Gerry.

gerry · Senior Member

Yes, thats it in a nutshell. At this precise tme anyway. I'm sure it will all change when we think we know where we are!!!!!!!

Gerry

Julie · Senior Member

To further add to the debate, I currently work with a couple of accountants who out source their work to me, I work either onsite or from home.

It was a requirement that I register with the ICO before anywork was passed to me, even though once I have completed accounts everything is passed over.

Julie

blondie · Veteran Member

This thread has been very interesting and helpful.

I was unaware that i didn't have to be data protected. Mine is actually up for renewell at the mo but knowing it's not necessary has saved me a few quid...every little helps!
Can anyone tell me if this also stands for say..electricians?

My partner is an electrician and like me has 'customer information and details', does it still stand that he 'doesn't own the information...it belongs to his customer?'

Thank you in advance for any replies.

Terri · Senior Member

Thank you for delving deep for us Gerry, I made a call myself when I first set up to register for Data Protection and I too was told that I didn't need to as I wasn't the owner of the information. You've explained it more clearly for me now

Terri

lor · Guru

i'm glad that is clear, thanks to Gerry especially, and there are no extra expenses to pay, for running a bookkeeping practise!