New Data Security Checkbox on PTIN Renewal
The IRS Return Preparer Office sent the following data security message to all registered PTIN holders the week of September 23, 2019, regarding the new data security responsibilities statement and checkbox for PTIN renewals.
Dear Tax Professional,
Summer is over, and it won’t be long until you’re sitting down at your computer to renew your preparer tax identification number (PTIN) for 2020. In mid-October when renewal season begins, you will notice a data security responsibilities statement has been added to the PTIN renewal process. It serves as a reminder of your legal responsibility to have a data security plan and to provide data and system security protections for all taxpayer information. When completing your PTIN renewal, a checkbox will be available to confirm your awareness of these data security responsibilities.
Data security continues to be a hot topic. That’s because tax professionals remain a top target of identity thieves and data breaches continue to affect tax professionals at an alarming rate. Cybercriminals use sophisticated and ever evolving techniques to gain access to your systems. These criminals steal sensitive taxpayer data to file fraudulent tax returns and create financial havoc for your clients. There are simple steps you can incorporate in your daily operations to minimize your vulnerability and protect client data, including:
- Protect email accounts with strong passwords and two-factor authentication if available.
- Install an anti-phishing tool bar to help identify known phishing sites.
- Use anti-phishing tools that are included in security software products.
- Use security software to help protect systems from malware and scan emails for viruses.
- Never open or download attachments from unknown senders, including potential clients. They should instead make contact first by phone.
- Send only password-protected and encrypted documents when files must be shared with clients over email.
- Never respond to suspicious or unknown emails.
- Back up sensitive data to a safe and secure external source.
- Properly dispose of old computer hard drives that contain sensitive data.
You should also make sure to have a written data security plan in accordance with the Federal Trade Commission’s Safeguard Rule
. Remember, protecting your clients is not only good for business, it’s also the law. While the hope is that you’re never the victim of a data breach, preparation and education will go a long way in helping to protect your clients and yourself.