Tips for tax preparers on how to create a data security plan
The IRS reminds tax preparers to protect taxpayer information is not only good for customers and for businesses – is also the law. The protection rule of the Federal Trade Commission (FTC, for its acronym in English) requires tax preparers believe and enact security plans.
Although the IRS and its partners in the Security Summit progress against identity theft related to taxes, cybercriminals continue to evolve. In fact, data thefts in the offices of tax professionals are increasing. Thieves use stolen tax preparers to create fraudulent statements that are harder to detect data.
Creating a safety plan can help businesses – as tax preparers – protect your office against identity theft-related taxes. Preparers should also remember that not create a plan can result in an investigation by the FTC. Here are some things that tax preparers should know about how to develop a plan of this type:
- The plan of information required by the FTC should be appropriate to the size and complexity of the company. The business must also consider the sensitivity of customer information handling.
- The company must designate one or more employees to coordinate the information security program.
- The trainer should identify and assess the risks to customer information.
- They should also review and evaluate the effectiveness of current safeguards to control any risk to data.
- After designing and implementing a protection program, the company must monitor it and test it regularly.
- The company should select service providers can maintain the appropriate protections.
- By signing a contract with a service provider, the company must ensure that the contract requires the supplier to maintain protections and supervise their handling of customer information.
- The company should periodically evaluate and adjust the program as time goes on. This includes changes in the business or operations of the company, and the results of safety tests.
- The FTC says the requirements are designed to be flexible so that companies can implement appropriate safeguards to their own circumstances.
- The Publication 4557 , protection of taxpayer information (in English), has information about critical security measures that all tax professionals must put in place.
- Publication 4557 also includes a checklist to include in a security plan data.
- The IRS may treat a violation of the rule of protections the FTC as a violation of Revenue Procedure 2007-40 () that sets the rules for tax professionals participating as an Authorized Service e-file Provider IRS.
The IRS and its partners in the Security Summit remind preparers about creating a safety plan as part of the awareness initiative Security Taxes 101 . The goal is to provide tax professionals the basic information they need to better protect data and help prevent taxpayers filing fraudulent tax returns.
Other USA IRS News
- Information Security Small Business: The Basics (in English)
- Publication 5293 (SP) , Resource Guide Data Security for Tax Professionals