Defendant's death ends IRS' largest individual criminal tax fraud case
Missouri flood victims get new Nov. 15 tax deadline

New IRS document provides written tax data security plan guidance

Computer-security-_wallpapers4screen-dot-com_1366x768

The Internal Revenue Service relies on taxpayers and tax professionals to help ensure that our national tax system is secure. These efforts are particularly critical as the federal tax agency goes more electronic.

It's also a legal requirement for tax professionals.

The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act after the names of its primary Congressional sponsors, mandates that financial institution companies ensure the security and confidentiality of any and all consumer information they collect. The Federal Trade Commission administers the law.

Tax professional tax preparers are included in the law's definition of financial institutions. That means tax preparers must create a written security plan .

A new security plan guideline: Under the FTC's rules, information security programs "must be written and it must be appropriate to the size and complexity of your business, the nature and scope of your activities, and the sensitivity of the information at issue."

Tax data, obviously, is incredibly sensitive.

"But for many tax professionals, it is difficult to know where to start when developing a security plan," said Carol Campbell, director of the IRS Return Preparer Office.

So the IRS and its Security Summit partners — representatives of state revenue departments and the tax industry — have created a have created a document to help tax professionals develop a written security plan dubbed WISP for Written Information Security Plan. Led by the Summit's Tax Professionals Working Group, the 29-page WISP guide is downloadable as a PDF document.

Since security issues for a tax professional can be daunting, the document walks tax pros through the many considerations needed to create a plan that protects their businesses, clients, and complies with federal law.

Tax preparer written security plan IRS video screenshot-cropped

Plain(er) English security steps: "We have tried to stay away from complex jargon and phrases so that the document can have meaning to a larger section of the tax professional community," said Campbell, who also is co-lead of the Security Summit tax professional group. "It is not intended to be the final word in Written Information Security Plans, but it is intended to give tax professionals a place to start in understanding and attempting to draft a plan for their business."

Jared Ballew of Drake Software, is the other tax professional team lead and incoming chair of the Electronic Tax Administration Advisory Committee (ETAAC), noted that beyond being a legal requirement, having a written security plan is a sound business practice.

"The sample provides a starting point for developing your plan, addresses risk considerations for inclusion in an effective plan and provides a blueprint of applicable actions in the event of a security incident, data losses and theft," said Ballew.

Other security plan resources: In addition to the WISP guide, tax professionals can get help with security recommendations in IRS Publication 4557, Safeguarding Taxpayer Data, as well Small Business Information Security: The Fundamentals by the National Institute of Standards and Technology.

And security concerns aren't just for professionals. All taxpayers need to be aware of ways to safeguard their personal financial and tax data. A review of the WISP document can help us, too, as we work to avoid tax scams and identity theft schemes.

You also might find these items of interest:

 

Advertisements

 

 

 

 

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)