The new landmark GST regime that saw its full-scale implementation from July1, 2017, involves strictly online financial reporting on an universal basis. So, now as some of the companies, businesses and traders will have to for the first time switch to technological landscape, besides know-how another issue that is of high concern is data protection.
GSPs, ASPs and their role and functions
GSP or GST Suvidha Provider together with ASP or Application Service Provider have been created to provide and enable compliance to individuals who fail to do it on their own.
As per the GSTN mandate, the GST is a highly controlled regulated body. The provider is nothing more than a pipe wherein the data flows in from the ASP and has complete access to your financial data provided as part of GST compliance. To secure the data, in accordance with the law, GSP cannot view this detail, nonetheless it can check the meta data. So, at maximum, it GSP can identify that the details belong to a particular person.
Further, GSP is not the one storing your data instead it is the GSTN.
Application Service Provider emerges to be the second layer of assistance in the overall GST reporting process. The ASPs unlike GSPs have access to the persons financial data and herein at this point, security concern becomes utmost crucial. So, at this point in time, the security system you have in place, comes into picture. So, both the reporting client as well as the ASP need to have a robust security system so that any data breach is avoided.