With tax-related identity theft soaring, the Internal Revenue Service is making concerted efforts to increase awareness among tax professionals about the need to safeguard their clients’ personal information.
With tax prep software providers and governments tightening their data security, IRS Commissioner John Koskinen noted, “The logical next place to go is to tax preparers, because if they can hack into your systems and get the data about your clients in detail, they are then much better able to file a more authentic-looking fraudulent return.”
- Tax professionals must safeguard taxpayer data by law and the IRS recently offered a number of commonsense steps to start:
- Make sure someone is responsible and accountable for data safeguards and security in your practice;
- Assess the risks to taxpayer information in your office. Make sure to include your operations, physical environment, computer systems and employees;
- Keep a list of locations where you keep taxpayer information (including computers, filing cabinets, and containers that taxpayers may bring you – the proverbial “shoebox”);
- Create a written plan of how to safeguard taxpayer information with appropriate safeguards in place;
- Use service providers who have policies to maintain an adequate level of information protection;
- Monitor, evaluate and adjust your security program as your business or circumstances change; and,
- Where necessary, seek advice from security consultants or insurance companies.
Examples of security controls include:
- Locking doors to restrict access to paper or electronic files;
- Requiring passwords to computer files;
- Encrypting electronically stored taxpayer data;
- Keeping a backup of electronic data;
- Shredding paper containing taxpayer information; and,
- Removing sensitive or personal information before mailing items.
The IRS “
