Creating Data Security Plans – What Tax Pros Should Know

NSTPInternal Revenue Service (IRS), Security, Security Summit

Creating Data Security Plans - What Tax Pros Should Know

Creating Data Security Plans – What Tax Pros Should Know Tax pros must create a written security plan to protect their clients’ data. In fact, the law requires them to make this plan. Creating a data security plan is one part of the new Taxes-Security-Together Checklist. The IRS and its Security Summit partners created this checklist. It helps tax professionals protect sensitive data in their offices and on their computers. Many tax preparers may not realize they are required under federal law to have a data security plan. Each plan should be tailored for each specific office. When creating it, the tax professional should take several factors into consideration. This includes things like the company’s size, the nature of its activities, and the sensitivity of its customer information. Creating a plan Tax professionals should make sure to do these things when writing and following their data security plans: Include the name of all information security program managers. Identify all risks to customer information. Evaluate risks and current safety measures. Design a program to protect data. Put the data protection program in place. Regularly monitor and test the program. Selecting a service provider Companies should have a written contract with their … Read More

Tax Preparers Can Protect Their Clients by Hiring A Cybersecurity Pro

NSTPHackers

Tax Preparers Can Protect Their Clients by Hiring A Cybersecurity Pro

To protect their offices and clients, many tax preparers hire a cybersecurity professional. Every tax business is unique, so preparers should discuss their specific concerns with someone they hire. This will help safeguard both the preparer’s business and their clients’ data. Here are some things preparers should do when selecting a cybersecurity professional: Ask for recommendations Preparers can talk to other business owners or professionals for recommendations and references. Be selective Ultimately a preparer or business owner will need to select the person they trust most. They should choose someone with whom they feel comfortable discussing the safety and security of their business and clients. Do interviews Preparers should ask questions of the candidates to learn just how much experience they have in data protection. Here are some preliminary examples of questions preparers can ask to get the ball rolling: How does ransomware work and what can we do to protect our systems? What are the best options to securely back-up data and why are those options the best? Do you have suggestions regarding data encryption, malware, firewalls, disaster recovery, and remote access tools? Have you ever created a security plan for a similar business? Can you do an assessment … Read More