Latest News

What to know about creating a data security plan

Written on May 1, 2020

Tax professionals might not be aware they are legally required to create a written security plan to protect their clients’ data. Fortunately, the IRS and its Security Summit partners have teamed up to create a Taxes-Security-Together Checklist that includes how-tos on creating a plan.

Each office should have a specifically tailored data security plan that accounts for factors such as the company’s size, the nature of its activities and the sensitivity of its customer information.

When creating a plan:

  • Include the name of all information security program managers.
  • Identify all risks to customer information.
  • Evaluate risks and current safety measures.
  • Design a program to protect data.
  • Put the data protection program in place.
  • Regularly monitor and test the program.

Selecting a service provider

Companies should have a written contract with their service provider. The provider must:

  • Maintain appropriate safety measures.
  • Oversee the handling of customer information review.
  • Revise the security program as needed.

Learn more: