IRS Tax Tip 2019-114, August 21, 2019
Despite major progress against identity and data theft, these threats still happen. They continue to put tax professionals and their clients at risk. To help combat this, the IRS and its Security Summit partners created a new Taxes-Security-Together Checklist. The checklist includes things tax pros can do now to prevent and recognize data theft. It also gives steps tax preparers can follow if they do experience a data breach
Following this checklist is a great starting point for tax professionals who want to protect their offices, computers and data. This tax tip is the first in a series highlighting the items in this checklist.
Here’s a rundown of the Taxes-Security-Together checklist:
Follow these steps, known as the “Security Six” measures
- Activate anti-virus software.
- Use a firewall.
- Use two-factor authentication.
- Use backup software or services.
- Use drive encryption.
- Create and secure virtual private networks.
Create a data security plan
- Federal law requires all professional tax preparers to create and maintain an information security plan for client data.
- The security plan requirement is flexible enough to fit any size of tax preparation firm.
- Tax professionals should focus on risk areas. These include employee management and training, information systems, and detection and management of system failures.
Be on the lookout for common email scams
- Learn about spear phishing emails.
- Beware of ransomware (PDF).
Recognize the signs of client data theft
- Clients receive IRS letters about tax returns someone else filed using their name.
- More tax returns are filed with a tax pro’s Electronic Filing Identification Number than the preparer actually submitted.
- Clients receive tax transcripts they did not request.
Create a data theft recovery plan including
- Contact the local IRS Stakeholder Liaison immediately.
- Assist the IRS in protecting clients’ accounts.
- Work with a cybersecurity expert to help prevent and stop thefts.