Being able to file our taxes online sure comes with a lot of benefits, as it is a convenient way to make sure we stay compliant with the IRS while saving time and money on the process. However, one of the main concerns many taxpayers have regarding this process is knowing that their data will be safe. Therefore, every tax advisor must follow a checklist of security measures to guarantee that the information of their clients will be safe when handled on a digital format. Such guidelines have been laid out by the IRS in collaboration with the Security Summit, and these are some of the key security features to keep in mind.
In order to guarantee data security, tax advisors need to follow a set of measures that will ensure clients any sensitive information is safe and will not be accessed or misused by anyone who is not authorized to. The Taxes-Security-Together Checklist refers to the “Security Six” measures as:
- Activate anti-virus software
- Use a firewall
- Opt for two-factor authentication methods
- Use backup software and services
- Use Drive encryption
- Create and secure VPNs, or Virtual Private Networks
Besides following these data security measures, tax advisors must create a data security plan, too, which is required by federal law. This way, they will have better strategies to prevent and respond to security breaches. Requirements for data security plans are flexible, so they can fit the needs and circumstances of every tax preparation firm regardless of its size. However, these plans should focus on key risk areas, including employee management, training, information systems, and system failure detection.
Tax preparers need to remember that data security threats change and evolve faster than we think, so it is essential for them to educate themselves and remain alert to common phone call and email tax scams. Learning about spear phishing emails and ransomware can help us avoid falling victim of tax scams.
Also, we need to understand that client data theft can have devastating effects, and recognizing the signs of malicious attempts to obtain sensitive information will help us become better protected. Some of the most common ones include:
- Clients receiving IRS letters regarding suspicious tax returns on their behalf
- Clients receiving tax transcripts they didn’t request
- Having more tax returns filed through a practitioner’s Electronic Filing Identification Number than the ones that were submitted.
Lastly, any professional tax advisor needs to work on a data theft security plan in case they were victims of a cyberattack of if their clients’ sensitive data happened to get compromised. Such a plan such include:
- Contacting the IRS Stakeholder Liaison as soon as possible
- Collaborating with the IRS to protect the accounts of our clients
- Hiring a cybersecurity expert in order to prevent and stop data theft.
Data protection cannot be taken lightly, and as tax advisors, it is our responsibility to make sure we follow every measure there is in order to guarantee our clients their information isn’t at risk when working with us.