Did you know that federal law requires all professional tax preparers to create and maintain an information security plan for client data? Whether you are the owner of a small business or a member of a major firm, you are a growing target for cyber-criminals who want to gain access to your client’s personal information. Taking the time to implement added security measures now will protect yourself, your business and your valued customers in the future.
For several years, the IRS, state taxing authorities and partners in the tax community, including TaxSlayer Pro, have joined forces to fight the threats of cyber-criminals targeting our industry. The result of these efforts has significantly reduced the number of tax-related identity theft cases each year. According to the IRS, the reported number of cases decreased from 401,000 in 2016 to 242,000 in 2017.
The fight is not over. New threats and scams are identified every year. As safeguards are put in place to protect taxpayers against known threats, criminals targeting tax professionals adjust their tactics to discover new opportunities and weaknesses. So, what can you do to help? The IRS recently released a security checklist to assist professional tax preparers in covering the basics of online threats.
Known as the “Taxes-Security-Together Checklist,” the checklist highlights 5 major areas that tax professionals must consider when planning and putting together their security plan:
Deploy the security six measures
- Activate anti-virus software
- Use a firewall
- Opt for two-factor authentication when it’s offered
- Use backup software/services
- Use drive encryption
- Create and secure Virtual Private Networks
TaxSlayer Pro’s seasoned Technical Support team will answer any questions and assist you with best practices in these steps of your planning.
Create a data security plan
- Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data
- The requirement is flexible enough to fit any size of tax preparation, from small to large
- Tax preparers are asked to focus on key areas such as employee management and training; information systems; and detecting and managing system failures
The IRS has published several resources to assist tax professionals with best practices in creating a security plan for their business. Check out Publication 4557, Safeguarding Taxpayer Data, and Publication 5293, Data Security Resource Guide for Tax Professionals.
Educate yourself on phishing scams
- Learn about spear-phishing emails
- Beware of ransomware
TaxSlayer Pro recommends reviewing the IRS series Don’t Take the Bait. We also recommend that all full-time and tax season employees are required to take this training.
Recognize the signs of client data theft
- Clients receive IRS letters about suspicious tax returns in their name
- More returns filed with your Electronic Filing Identification Number than you submitted
- Clients receive tax transcripts they did not request
Read IRS articles on Tax-Related Identity Theft and Maintaining, Monitoring and Protecting Your EFIN.
Create a data theft recovery plan
- Contact local IRS stakeholder liaison immediately
- Assist the IRS in protecting clients
- Contract with a cybersecurity expert to stop thefts
TaxSlayer Pro’s Customer Support Team can assist you in best practices when you suspect that your data or the personal information of your clients has been compromised. To speak with one of our pros, call us at 706-868-0985.
