Tax pros need to focus on data security: ETAAC
A “clearer, stronger message” to tax pros concerning the legal requirements around the security of customer information and additional education in data security are among the recommendations from the most recent annual report to Congress of the Electronic Tax Administration Advisory Committee.
Two of this year’s 13 recommendations:
- “The IRS should communicate security requirements to tax professionals through all appropriate channels (including their employers) with a clearer, stronger message about their existing legal requirements under the [Federal Trade Commission’s] Safeguards Rule, and leverage other regular interactions to reinforce that message, validate awareness, and discuss compliance.”
- “The IRS should require that all tax professionals successfully complete two hours of continuing education in data security annually, potentially as a condition of obtaining or renewing their PTIN or applying for and maintaining their status as an Authorized IRS e-file Provider. Additionally, the IRS should supplement existing security education programs targeted to tax professionals by partnering with the Security Summit to select an experienced private sector expert … to assist in the development of a comprehensive security program of instruction.”
The report also called for establishing a common security standard and extending the Safeguards Rule “to all persons providing preparation or filing services for tax returns under the Internal Revenue Code.”
The committee also worried that IRS funding for info security may rank a far second behind spending on new tax laws.
“In light of the resources that will be required for the IRS to implement the Tax Cuts and Jobs Act, ETAAC is concerned that the funding requirements for the continued fight against [ID-theft refund fraud] and for enhanced cybersecurity could be overshadowed by the implementation of tax reform measures,” the report stated.
The ETAAC provides a forum for discussion of electronic tax administration issues, including the prevention of ID theft and refund fraud. Committee members represent industries including cybersecurity and information security, tax software development, tax prep, payroll and tax financial product processing.
Other recommendations from this year’s report included integrating the payroll community more broadly into the Security Summit; increasing outreach to employers and businesses; and creating one unit within the IRS “with overall responsibility for setting security requirements for tax professionals.”