The new GDPR, or General Data Protection Regulation, has now kicked in,
but it is still worth looking at the key areas of the legislation to
ensure that financial advisers are being fully compliant.
As the popularity of financial adviser software proves, financial
advisers deal with huge amounts of data, including personal data,
meaning that compliance with the new laws is imperative, especially as
regulatory breaches can happen in any area of a business.
Staff training is an essential part of GDPR compliance, as is recording
evidence to prove that this type of training has been provided by the
company. Every department in a company must comply with the rules, not
just the HR or the IT department, and clients will expect that financial
advisers are protecting their data properly.
Review Data Held
Whether it’s the data held on financial adviser software or that stored
in hard files, all of this information is potentially
sensitive and needs to be protected properly. This means that it is
important to regularly review the kind of information held on clients,
how it is stored and who a financial adviser shares this with.
Data Consolidation and Storage
It is essential to know exactly where data is stored,
especially as there are a variety of options, ranging from desktops and
servers to accounting systems and the cloud. It is vital to have an
accurate overview and to have effective security measures in place for
each storage area. Consolidating data can make this process simpler and
is also important in the case of merging companies, for example.
Improve Systems and Processes
Financial advisers will need to continually monitor, maintain and
improve the way in which data is collected, handled and stored. The
importance of this should not be underestimated given that Intelliflo
research reveals that 82 per cent of investors would not appoint or
would want to change their source of financial advice if they were
hacked.
GDPR also requires that businesses document the way in which
confidential information is kept safe and are able to show these
procedures to regulators if necessary. These fail-safe systems are vital
in the case of a breach and to demonstrate that the business's data
procedures are working as effectively as possible.