Cybercriminals are actively targeting small CPA firms. And while that may be profitable for hackers — ransomware payments typically exceed $100,000 — it’s very costly for victims. According to The Tax Adviser (April 2020), a data breach can cost clients and firms between $70,000-$300,000 for forensic discovery, remediation, reporting requirements, litigation exposure, etc.
As a result, federal agencies have initiated new IT security requirements to safeguard client data.
The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley (GLB) Act, gives the Federal Trade Commission authority to set information safeguard regulations for various entities, including professional tax return preparers.
According to the FTC Safeguards Rule, tax return preparers must create and enact security plans to protect client data. Failure to do so may result in an FTC investigation.
The Safeguards Rule requires companies to develop a written information security plan that describes their program to protect customer information. The plan must be appropriate to the company’s size and complexity, the nature and scope of its activities, and the sensitivity of the customer information it handles. As part of its plan, each company must:
Compliance with the FTC Safeguards Rule is now a component of the IRS Paid Tax Preparer PTIN renewal:
As many financial institutions have discovered, strong passwords, 2-Factor Authentication, and basic phishing instruction are insufficient to protect your systems, your client data, or your firm’s reputation. You need a comprehensive approach to IT Security, one that satisfies the federal mandates and prevents data breaches.Â
AllConnected’s FREE one-hour webinar for CPA/EA/Accountants on IT Security Awareness and Compliance.
CEO, AllConnected
VP Sales & Marketing
AllConnected is a premier Cisco-certified managed service provider of security and data loss prevention solutions for small-to-midsize businesses. As an active member of Trust X Alliance, AllConnected expedites the most effective, cutting-edge solutions to its clients.
We’re sorry you missed the event, but you can still gain access to it by filling out the form below. A follow-up email will provide a link to the post-event materials, including a recording of the webinar presentation and additional resource links discussed throughout the event. This registration is completely FREE and you may access these materials at any time once you are registered.