Twelve steps to GDPR nirvana; the final cream crackers!

Paula Veysey Smith • 5 March 2018

Twelve Steps to GDPR nirvana – the final cream crackers!

The Information Commissioner’s Office (ICO) have published a twelve-step guide for compliance; we looked at the first of those steps last week but as I said then is it a bit like trying to eat cream crackers. So, tea at the ready, let’s look at the second six steps and how they relate to the small business.

1. Consent

You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard. The ICO has published detailed guidance on consent under the GDPR, and you can use their consent checklist to review your practices. Consent must be freely given, specific, informed and unambiguous. There must be a positive opt-in – consent cannot be inferred from silence, pre-ticked boxes or inactivity. It must also be separate from other terms and conditions, and you will need to have simple ways for people to withdraw consent. Consent has to be verifiable and individuals generally have more rights where you rely on consent to process their data. You are not required to automatically ‘repaper’ or refresh all existing DPA consents in preparation for the GDPR. But if you rely on individuals’ consent to process their data, make sure it will meet the GDPR standard on being specific, granular, clear, prominent, opt-in, properly documented and easily withdrawn. If not, alter your consent mechanisms and seek fresh GDPR-compliant consent, or find an alternative to consent.

To me, this is one of the biggest GDPR impacts and I would urge you all to start now looking at this area.

2. Children

You should start thinking now about whether you need to put systems in place to verify individuals’ ages and to obtain parental or guardian consent for any data processing activity.
There are specific rules that bring special attention for children’s personal data and if you believe that this area of compliance will impact your business please do seek further ICO guidance.

3. Data Breaches

You should make sure you have the right procedures in place to detect, report and investigate a personal data breach. This is an area that will impact larger corporations more as they will now be legally responsible for disclosing breaches at the time they happen, meaning that any member of the public will know straight away if their personal data has been affected; this can only be a good thing.

For smaller entities I believe that we should act by looking at how we hold our data and what risks there are. I have an announcement to make next week about how M:Power has acted to properly secure the personal data it holds as I have already reviewed this step to ensure that your data is as safe as it can be.

4. Data Protection Impact Assessment

It has always been good practice to adopt a privacy by design approach and to carry out a Privacy Impact Assessment (PIA) as part of this. However, the GDPR makes privacy by design an express legal requirement, under the term ‘data protection by design and by default’. It also makes PIAs – referred to as ‘Data Protection Impact Assessments’ or DPIAs – mandatory in certain circumstances. If you feel that a DPIA may be mandatory in your case, please consult the ICO guidance.

It is good for all small business to carry out an assessment and document this. The assessment will identify the most effective way to comply with GDPR obligations and also meet individuals’ expectations of privacy. And the PIA is an integral part of taking a privacy by design approach. Although this may sound slightly scary it should not take too long for you to complete a PIA and it will show if you do have any areas that need improvement or of high risk.

Nearly there – just two more crackers to go . . .

5. Data Protection Officers

You should designate someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance arrangements. In most cases that will be you!

6. International

If you do operate in more than one EU member state, you will need to determine your lead supervising state and document this. For most small business in the UK this authority will be the UK but if you do have a more complicated framework with more than a single establishment in the UK then again, I would advise you review the ICO guidance for this area.

So, time for that glug of tea as we are now done. All entities in the UK that hold personal data in whatever form are legally required to comply to the GDPR requirements. As I said right at the beginning those of us who were already working under DPA are potentially most of the way there but it is vital that you consider these twelve steps and act on them now to ensure your compliance. I believe that, with carefully consideration, this will not become just another administration burden and the quicker you act the easier it will be to ensure that you are compliance by 25th May; that is the way to achieve GDPR nirvana.

S is for Specific

by Paula Veysey-Smith 3 May 2026
Your New Year’s resolutions haven’t failed, they just need a sharper edge. Here's how one simple shift can change everything. “We make New Year's resolutions — let's call them goals. But they can be a bit vague. The way to make them happen is to actually define them better.” It's that time of year when those bold January intentions have quietly faded into the background. "Get fit." "Lose weight." "Grow my business." Sound familiar? You're not alone — and more importantly, you haven't failed. Your resolutions just need a better framework.

MTD for Income Tax Is Here: What It Means for You

by Paula Veysey-Smith 13 April 2026
HMRC’s new system Making Tax Digital for Income Tax Self-Assessment has now arrived! This isn’t just a regulatory update. It’s a shift in how your records are kept, how often you report, and what you will need to do throughout the year. What’s changing for you: Under MTD for Income Tax, if you’re a sole trader or landlord within scope: You’ll need to keep digital records Quarterly updates will need to be digitally submitted to HMRC An End of Period Statement (EOPS) will need to filed A Final Declaration will be needed to finalise your tax position for the year In short: instead of one annual deadline, your tax reporting becomes a year-round process. Why using compliant bookkeeping software is now essential? To meet MTD requirements, HMRC requires fully digital record keeping and submissions . Manual spreadsheets alone are no longer sufficient You’ll need to use MTD-compliant bookkeeping software Sending your accountant paper records or incomplete information will cause delays The upside (it’s not just compliance) While MTD is mandatory, it also brings real benefits: Clear visibility of your tax position throughout the year Better cash flow planning Fewer surprises at year-end What support do you need to navigate this new system? The support of qualified accounting professionals is now more necessary than ever. We don’t expect you to navigate this alone and here’s how MPower Accounting can ensure that you not only comply with, but thrive under, this new reporting requirement. We’ll help you choose and set up the right software We work with trusted platforms such as Xero, QuickBooks, FreeAgent and others. We’ll recommend what fits your business best and get everything set up correctly. We’ll ensure you stay compliant Review your records regularly Submit your quarterly updates accurately and on time Handle all year-end submissions We’ll take the stress off your shoulders With the right system in place: Your records stay up to date automatically We can spot issues early You avoid last-minute pressure and surprises All we’ll need from you to make MTD work smoothly, is access to your chosen bookkeeping software, regular uploaded receipts so we can keep records current and a little of your time when there are questions. The more up-to-date your records are, the more value and proactive advice, we can provide. Your role is simple but important. Letting us take the strain of compliance will save you time and cause significantly less stress, enabling you to focus on what is important, that is running your business successfully. Next steps If you haven’t already: Speak to us about getting set up on MTD-compliant software Let us review your current bookkeeping process Make sure you’re ready for quarterly reporting

Why Cheap, Outsourced Bookkeeping Could Cost Your Business More

by Paula Veysey-Smith 24 March 2026
When choosing an accountant, it’s natural to be drawn to lower fees. However, if your accountant outsources bookkeeping, especially overseas, it can lead to hidden risks, poorer service and long-term costs for your business. Here’s what you need to consider: Service Quality May Be Lower Higher risk of errors, misclassified transactions, and inaccurate reports Bookkeeping completed less regularly, usually only at key deadlines, eg, VAT quarter No dedicated bookkeeper which can be contacted Less Ongoing Support Little to no ongoing support from UK based accountant Less control and oversight from your accountant Slow response to queries and issues taking longer to resolve Cheap Fees Can Lead to Higher Costs You may pay more later to fix errors or redo work Risk of fines or penalties due to late or incorrect filings Your time being wasted with identifying errors and chasing a response Impact on Your Business Inaccurate financial data makes it harder to make confident decisions Delays can affect cash flow planning and reporting deadlines Frustration and lack of trust in your financial information and accountant What to Look For Instead Accountants who have UK based in house bookkeepers Clear communication and quick response times Consistent, reliable handling of your financial records Continued support and advice through the whole year Key Takeaway The cheapest option isn’t always the best value Investing in quality bookkeeping saves time, reduces risk, and gives you peace of mind The MPower team is proudly based in the UK, with every member carefully selected for their expertise and experience. Our role goes beyond simply completing bookkeeping tasks—we provide valuable insights and practical suggestions based on your financial data. We believe in building strong, partner-like relationships with our clients. That means we’re here for you all year round, whether you have a quick query or need deeper insight from your numbers to support better business decisions. We have welcomed many new clients to our portfolio who, initially enticed by the cheaper rate, have become disillusioned and disappointed with their existing out-sourcing accountants. Understanding that cheap is not the best option, they have thrived with the support and availability our team provide. Choosing the right accountant is about more than price, it’s about ensuring your business has accurate, timely financial information you can depend on and the support of an accountant who is readily available, at any time of the year. This is the service that MPower strives to provide, to any and every client!
Woman in blue sweater smiles while working on laptop at desk with headphones.

New Year Resolutions for a Stronger and more Successful Business

by Paula Veysey-Smith 5 January 2026
As accountants, January is when we see optimism at its highest and inboxes at their fullest. A new year brings fresh energy, new goals, and the promise that this will be the year that your business really moves forward. But as the month moves on and realities hit, the elation and determination to press on with these new goals starts to fade and often die completely. The difference between a resolution that sticks and one that doesn’t is simple: clarity , practicality , and consistency . So instead of vague promises like “earn more” or “work less,” here are some realistic New Year’s resolutions that can genuinely help you build a stronger, more sustainable business. 1. Get Clear on Your Numbers (Not Just Your Turnover) One of the most powerful resolutions you can make is to truly understand your financial position. Turnover alone doesn’t tell the full story. Profit, cash flow, and margins matter far more. Ask yourself: Which services or products are most profitable? Where is cash getting stuck? What costs could be reduced without harming quality? Commit to reviewing your numbers monthly, not just at year-end. Confidence grows when decisions are backed by facts, not guesswork. 2. Improve Cash Flow, Not Just Sales Many businesses fail while still “making money” on paper. Cash flow is the lifeblood of your business. This year, resolve to: Invoice promptly and clearly Review payment terms Chase overdue payments consistently (and professionally) Small changes here can dramatically reduce stress and give you more freedom to plan ahead. 3. Price for Value, Not Fear A common issue I see is business owners under pricing, and resisting rate increases, because they fear losing customers. The result? Long hours, high pressure, and limited reward. A strong New Year resolution is to: Review your pricing Understand your true costs Charge in line with the value you deliver The right clients respect fair pricing. Better pricing attracts better clients. 4. Build Systems That Save Time If everything depends on you or a small team, your business will always feel heavy. Systems create breathing space. Resolve to: Document key processes Automate where possible Use software to reduce manual tasks Time saved can be reinvested in growth, strategy, or simply enjoying life outside the business. 5. Invest in Support (You Don’t Have to Do It Alone) Whether it’s professional advice, bookkeeping support, or mentoring, the most successful business owners know when to ask for help. This year, consider: Delegating tasks that drain your energy Seeking advice before problems escalate Surrounding yourself with people who both support, and challenge, you Support isn’t a cost—it’s an investment. 6. Protect Your Energy and Wellbeing Burnout helps no one. A business that relies on exhaustion is not sustainable. Make a resolution to: Set realistic boundaries Take proper breaks Define what “success” looks like for you, not just your business A healthy business owner makes better decisions and builds stronger businesses. Final Thought New Year’s resolutions don’t need to be dramatic to be effective. Small, intentional changes, applied consistently, create the biggest impact over time. This year, focus less on perfection and more on progress. Build a business that supports your life, not one that consumes it. If you’d like help turning your resolutions into practical actions, contact us NOW —it’s one of the smartest business decisions you can make. At MPOWER we work with business owners to provide clear direction from the numbers and strategies for success. Here’s to a calmer, clearer, and more confident year ahead.
More posts