Prepare to Safeguard Taxpayer Data in 2021
Cybercriminals are actively targeting small CPA firms. And while that may be profitable for hackers — ransomware payments typically exceed $100,000 — it’s very costly for victims. According to The Tax Adviser (April 2020), a data breach can cost clients and firms between $70,000 and $300,000 for forensic discovery, remediation, reporting requirements, litigation exposure, etc.
As a result, federal agencies have initiated new IT security requirements to safeguard client data.
Understand The Safeguards Rule
The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley (GLB) Act, gives the Federal Trade Commission authority to set information safeguard regulations for various entities, including professional tax return preparers.
According to the FTC Safeguards Rule, tax return preparers must create and enact security plans to protect client data. Failure to do so may result in an FTC investigation.
The Safeguards Rule requires companies to develop a written information security plan that describes their program to protect customer information. The plan must be appropriate to the company’s size and complexity, the nature and scope of its activities, and the sensitivity of the customer information it handles. As part of its plan, each company must:
Designate one or more employees to coordinate its information security program
Identify and assess the risks to customer information in each relevant area of the company’s operation, and evaluate the effectiveness of the current safeguards for controlling these risks
Design and implement a safeguards program, and regularly monitor and test it
Select service providers that can maintain appropriate safeguards, make sure your contract requires them to maintain safeguards, and oversee their handling of customer information
Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring
Compliance with the FTC Safeguards Rule is now a component of the IRS Paid Tax Preparer PTIN renewal.
As many financial institutions have discovered, strong passwords, 2-Factor Authentication, and basic phishing instruction are insufficient to protect your systems, your client data, or your firm’s reputation. You need a comprehensive approach to IT Security, one that satisfies the federal mandates and prevents data breaches.
The Safeguarding Taxpayer Data Webinar
AllConnected’s FREE one-hour webinar for CPA/EA/Accountants on IT Security Awareness and Compliance.
Wednesday, February 3 @ 12:00 pm PST
AllConnected is a premier Cisco-certified managed service provider of security and data loss prevention solutions for small-to-midsize businesses. As an active member of Trust X Alliance, AllConnected expedites the most effective, cutting-edge solutions to its clients.
Register for the Safeguarding Taxpayer Data Webinar Materials
You will be redirected to the post-event materials, including a recording of the webinar presentation and additional resource links discussed throughout the event. This registration is completely FREE and you may access these materials at any time once you are registered.