GDPR requires you to keep records of risks and personal data breaches and there is no better place to do that than in a CRM system. A CRM system is where all your data is held centrally. For client relationship management, for marketing and for general data processing. The team at FibreCRM have spent conderable time and effort looing at ways to help accountants use CRM to manage their GDPR compliance and have created a Compliance Module within CRM.
The Compliance Module
The CRM Compliance Module includes:
- Lawful basis for processing questionnaire
- Consent management & Legitimate Interest Assessments
- Data breach register
- Risk register
- Subject Access Request (SAR) form
- Data minimisation
- Right to Erasure requests and data anonomisation approval processes
- Data purging rules (e.g after ‘x’ years delete all ‘old’ data)
- In-built compliance workflows & procedures
Our resident EU Certified GDPR Practitioner has produced a GDPR Toolkit which includes over 20 policy templates and gap assessment tools for your practice to become compliant. Richard is available on the end of the phone should any of our Toolkit clients have any questions. Here is more detail.
FibreCRM is a data processor and look after the security of its customers cloud-based CRM systems. All servers are housed in two UK-based data centres with built-in security vulnerability software to protect against attacks. Access to data is encrypted.