As you may have already figured out from the dozens of e-mails in your inbox, new data protection rules known as GDPR are coming into place, which aim to make peoples’ data more secure and give them more control. This means if you carry out payroll for accountants, or any kind of role where you deal with data, you’ll need to know about GDPR and whether you are compliant. Here are some things that your payroll department will need to think about.

You may already be compliant

If your company already has good information security in place, and carries out regular audits, you may already be compliant with GDPR. However, it’s worth considering:

  • Extra training – staff should be aware of GDPR and what it means for their roles
  • Improving security – data breaches are now becoming sadly common; how do you prevent them?
  • Reporting breaches – how would your company cope with a breach?
  • Lawful basis – GDPR needs you to explain your lawful basis for processing data, and this should be added to your privacy policy

Payroll deals with large amounts of sensitive information, which means most departments will already be familiar with these rules. However, you might wish to upgrade your payroll software for accountants with something more secure, or look at ways you can process data, without breaching peoples’ rights.

Subject access requests

One big change with GDPR is that it’ll make it easier for people to see what information is held about them by companies. HR departments may well struggle with this concept, as a lot of employee information is personal and sensitive, but payroll departments could find this difficult too, if only because the timeframes are short, and it can be a time-consuming process. Using bureau payroll software may make life easier, as they’ll find it easier to grab historical records and other requested information, presenting it in a readable format.

Keeping data secure

One of the key components of GDPR is keeping data safe, ensuring it can’t be accessed by outside parties, and when it needs to be sent to a third-party, that it’s done securely. This can be a challenge for payroll providers who work with multiple companies, so they might want to look for accountancy payroll software that has extra security to help avoid data breaches. When sending sensitive data, it’s important to not just use a free e-mail account, but to look at options for encryption which make it difficult for anyone to intercept this information.


Privacy is also important for GDPR compliance, but luckily most payroll departments already know the importance of this. From providing data electronically to deleting personal data, privacy rules should be put in place when dealing with payroll for bureaus. This will ensure that you stay compliant, as well as protecting the data of those in your company.

If you need to upgrade your payroll software to something more secure, get in touch with Primo Payroll today. Simply call 0845 456 7181 to find out more about the products we offer.