Bridging software providers send client data over the internet to HMRC, via their servers, even if the user is filing from a desktop Excel file on their own computer. Data to be filed goes to bridging software providers’ computers first, as HMRC only accepts data from known internet addresses provided by approved software vendors or developers. HMRC does not undertake IT security due diligence on software vendors, but expects accountants, business owners and others to undertake their own. Do you know if your current bridging software provider adheres to best-practice in information security management processes and procedures? Accountants in public practice bear responsibility for keeping client data confidential. Accountants and business owners are advised to undertake basic IT security due diligence checks on third parties that receive or store data, such as bridging software providers.
123 Sheets is one of the few bridging software providers that are IS0 27001 certified (Information Security Management Systems). 123 Sheets has also been certified on the UK government's flagship cyber security certification programmes: Cyber Essentials and Cyber Essentials Plus. 123 Sheets takes data security very seriously. You may want to ask your bridging software provider what information security and/or cyber security accreditations they have. This should provide you with some confidence that third-party internet security firms have provided a level of assurance on your bridging software provider's cyber and/or information security practices.
Sign up for quarterly updates about HMRC’s Making Tax Digital roll out and 123 Sheets’ software at: 123sheets.com/updates (you can easily unsubscribe from any email you receive).