As part of the continuing campaign to remind tax professionals of data protection and data security issues, the members of the Security Summit have announced a “Taxes-Together-Security Checklist” for tax professionals.[1]

The actual checklist[2] contains the following items:

• Deploy the “Security Six” measures

  • Activate anti-virus software

  • Use a firewall

  • Opt for two-factor authentication when it’s offered

  • Use backup software/services

  • Use drive encryption

  • Create and secure Virtual Private Networks

• Create a data security plan

  • Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data

  • The requirement is flexible enough to fit any size of tax preparation, from small to large

  • Tax preparers are asked to focus on key areas such as employee management and training; information systems; and detecting and managing system failures.

• Educate yourself on phishing scams

  • Learn about spear phishing emails

  • Beware of ransomware

• Recognize the signs of client data theft

  • Clients receive IRS letters about suspicious tax returns in their name

  • More returns filed with your Electronic Filing Identification Number than you submitted

  • Clients receive tax transcripts they did not request

• Create a data theft recovery plan

  • Contact local IRS stakeholder liaison immediately

  • Assist IRS in protecting clients

  • Contract with cybersecurity expert to stop thefts

[1] “Tax Security 2.0 – A ‘Taxes. Security. Together’ Checklist,” IRS Website, July 9, 2019, https://www.irs.gov/newsroom/tax-security-2-point-0-a-taxes-security-together-checklist, retrieved July 11, 2019

[2] “Tax Security 2.0 The Taxes-Security-Together Checklist,” IRS Website, June 12, 2019