Does Article 32 of the GDPR affect how you backup your cloud accounting data?
First of all, if you are backing up your cloud accounting data, well done! You’re a conscientious person who sincerely cares about your customer. There’s only one more thing you have to consider. Keep reading…
Here’s the section I’m referring to; “1. © the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;” So what’s your restoration plan if your customer gets hacked or the platform goes down?
Perhaps you are manually downloading backups or paying for an automation service that downloads the files for you, again that’s commendable but only goes halfway to the goal line. If you want to put it in the net, you have to have a plan to restore the data. SCORE!!!
Let’s agree on a few points about backups and restoration. For backups, you probably keep copies of:
- General Ledger
- Trial balance
- Income Statement (Optional)
- Balance Sheet (Optional)
- Accounts Receivable Listing
- Account Payable Listing
Downloading and saving them can take between 12 and 18 minutes…per account. This is the minimum information you will need to attempt to restore the file but keep in mind, the attachments…
Your customer needs at least the last year’s worth of bookkeeping so they can validate their taxation submission if challenged, to say nothing of the business intelligence that would be missing. What about the vendor list, customer list, and other personal information associated with the file?
Are you starting to see the big picture? Now let’s add the time it will take to create the restored company file, enter, reconcile and code 1 year’s worth of transactions.
Let’s talk about one more Article in the GDPR, Article 82;
1. Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right…