What is GDPR?
You may have heard of the recently introduced (May 2018), General Data Protection Regulation, or simply GDPR legislation. This European Union legislation was initially approved in 2006, but it replaces the previous Data Protection Directive and it has recently rolled out in May affecting all businesses operating in the UK or Europe, or businesses who deal with customers in those regions.
GDPR governs how businesses acquire, hold and use personal data from an internal and external perspective. The dramatic change to this legislation has meant that many companies have had to already implement a number of new systems to keep track of personal data, which has required significant investment of business capital.
How could it affect IT contractors with limited companies?
All businesses are legally required to follow GDPR if working in the EU or processing data from individuals in the EU, which means it could affect IT contractors running their own limited companies. Even if you are the only employee and/or Director, you have an obligation to manage how client data is processed within your business. Failing to comply with these new changes could result in server penalties.
Although GDPR doesn’t directly affect your current business financial obligations, it may affect administrative, marketing and internal system costs. Some of these additional secondary costs as a result of GDPR may be claimable expenses and some may simply need taking into account for your financial projections.
Another area GDPR may hit your finances are through your client lists. Depending on whether you market your services and how you achieve this, this may mean that previously held information about old and potential clients may not be used for marketing purposes. This could affect you financially if marketing to potential clients is a method you use to acquire new business.
If you do employ staff or subcontract then you will likely need to provide some education on GDPR to ensure compliance in all areas of your work, which could increase your short-term costs. You may also need to seek specialist advice to ensure compliance.
Will this still apply after Brexit?
This legislation will still exist after Brexit. Although we will not be governed by European Union laws, the UK is expected to follow GDPR under our own very similar legislation following Brexit meaning these changes are very likely to be here to stay.
What can I do to ensure I stay within the law but minimise the cost implications on my work?
It is important to learn about the new legislation to understand how it affects your work. Financially, it could be useful to speak to an advisor who fully understands GDPR and how it relates to your specific industry in order to develop your financial plan and ensure you are utilising your allowances.
The secondary costs are likely something you will have to deal with, which could be mitigated by increasing costs, but this could clearly affect competitiveness. Some of these costs may be short term and reduce over the long term once processes are in place, training has been conducted and you have suitable ways to find potential new business; however, you may want to create a plan in the short term to ensure you can absorb these costs and stay financially efficient. If you would like to discuss GDPR with one of our team and determine how we can help you navigate these changes in relation to your business finances, then call us on 0330 024 0406.
As experts, we have extensive experience in the IT contracting sector and we can help advise you on changes you may want to implement due to GDPR to help ensure you stay efficient and maximise your revenue.