Impacts of General Data Protection Regulation on Obligations of Finnish Accounting Companies
Farigu, Linh (2019)
Farigu, Linh
2019
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2019052612030
https://urn.fi/URN:NBN:fi:amk-2019052612030
Tiivistelmä
In May 2018, the General Data Protection Regulation repealed the Data Protection Directive 1995 and came into effect. The Regulation strengthens data subject rights, and reinforces the obligations of data controllers and data processors. Affecting both small and large firms, it forced every company to review its operation and make possible changes regarding the process of personal data to comply with the law because failing to conform to the Regulation can lead to severe fines.
The thesis covers how the General Data Protection Regulation has impacted the obligations of Finnish accounting companies. The purpose of the study is to find out how the new law has impacted on their particular responsibilities on personal data processing. The aim of the study is to figure out how they manage the new law alongside routine work: how accounting firms have prepared, what actions they have taken and what changes they have made.
The study consists of a theoretical part and an empirical part. The theory section explains the need for the new law. Then, the main differences between the General Data Protection Regulation and the Data Protection Directive are shown. Moreover, the theoretical part deals with personal data processing, and personal data law in Finland. An overview of the field of accounting and the obligations of accountants in Finland is also included. At the end of the theory section, the theoretical framework is outlined. The empirical section is based on interviews with business owners and experts in the field.
The study was conducted through a qualitative approach in the form of interviews. The questions for the interviews were designed based on an internal control framework. Semi-structured interviews were then implemented. Five accounting companies and two associations were interviewed. All of the interviews were recorded and transcribed.
The findings show that all of the interviewed companies are well aware of the Regulation. They have made careful preparations and adopted some changes in their companies to conform to the law. A significant amount of working time has been spent on training and learning the Regulation. The whole data processing has been critically reviewed. To handle possible risks, they have prepared some solutions in advance. Contracts, layout of payslips and encrypted messages are major changes in accounting companies.
To balance serving the customers and complying with the law, it is necessary to have mutual agreements and to sign contracts with customers beforehand. It is also important to check that the software suppliers of accounting firms comply with the law.
The thesis covers how the General Data Protection Regulation has impacted the obligations of Finnish accounting companies. The purpose of the study is to find out how the new law has impacted on their particular responsibilities on personal data processing. The aim of the study is to figure out how they manage the new law alongside routine work: how accounting firms have prepared, what actions they have taken and what changes they have made.
The study consists of a theoretical part and an empirical part. The theory section explains the need for the new law. Then, the main differences between the General Data Protection Regulation and the Data Protection Directive are shown. Moreover, the theoretical part deals with personal data processing, and personal data law in Finland. An overview of the field of accounting and the obligations of accountants in Finland is also included. At the end of the theory section, the theoretical framework is outlined. The empirical section is based on interviews with business owners and experts in the field.
The study was conducted through a qualitative approach in the form of interviews. The questions for the interviews were designed based on an internal control framework. Semi-structured interviews were then implemented. Five accounting companies and two associations were interviewed. All of the interviews were recorded and transcribed.
The findings show that all of the interviewed companies are well aware of the Regulation. They have made careful preparations and adopted some changes in their companies to conform to the law. A significant amount of working time has been spent on training and learning the Regulation. The whole data processing has been critically reviewed. To handle possible risks, they have prepared some solutions in advance. Contracts, layout of payslips and encrypted messages are major changes in accounting companies.
To balance serving the customers and complying with the law, it is necessary to have mutual agreements and to sign contracts with customers beforehand. It is also important to check that the software suppliers of accounting firms comply with the law.
Kokoelmat
Samankaltainen aineisto
Näytetään aineisto, joilla on samankaltaisia nimekkeitä, tekijöitä tai asiasanoja.
-
Data Strategy Handbook as Guide Towards Data-Driven Organization
Piippola, Timo-Joel (2024)The need for an organizational data culture is evident in the digital era. More organizations are making data-driven decisions, viewing data as a crucial business asset. This thesis aimed to help a case company enhance its ... -
Big datan käyttö liiketoiminnan ennustamiseen: tieliikenneonnettomuudet Suomessa
Alto, Olga (2019)Tämän opinnäytetyön tarkoituksena on selvittää, mitä tietoja voidaan ennustaa suurista tietomääristä. Aineistona on käytetty Suomessa liikennetapaturmia koskevia avoimia lähteitä vuosilta 2015 – 2017. Työssä ennustetaan ... -
Recognizing the value of data in business operations : Data analytics for business operation
Duma, Don (2022)The aim of this study was to demonstrate the hidden value of data that can be extracted with few commercial and open-source software tools. Any given business can collect, organize, and extract data for analysis that can ...