The present level of technological advancements leads to an increased requirement of data security and privacy. To meet the current needs, the General Data protection Regulation has been introduced and aims to provide guidance to ensure data security. This research aimed to analyze and examine the effects of the GDPR in the Accounting function of SMEs in Ireland. To address the aim of this study, non-probabilistic sampling with respect to qualitative data is used for primary data collection and with an information security perspective. The data collected from 11 people working in different SMEs In Ireland is interpreted based on thematic analysis with the literature for better results. This research highlights that there was still a significant gap in the current level of awareness and compliance in SMEs with that of the regulation even after 15 months of its adoption date and also providing guidance to easier compliance.