Security Summit Announces Tax Preparer Security Checklist

As part of the continuing campaign to remind tax professionals of data protection and data security issues, the members of the Security Summit have announced a “Taxes-Together-Security Checklist” for tax professionals.[1]

The actual checklist[2] contains the following items:

  • Deploy the “Security Six” measures

    • Activate anti-virus software

    • Use a firewall

    • Opt for two-factor authentication when it’s offered

    • Use backup software/services

    • Use drive encryption

    • Create and secure Virtual Private Networks

  • Create a data security plan

    • Federal law requires all “professional tax preparers” to create and maintain an information security plan for client data

    • The requirement is flexible enough to fit any size of tax preparation, from small to large

    • Tax preparers are asked to focus on key areas such as employee management and training; information systems; and detecting and managing system failures.

  • Educate yourself on phishing scams

    • Learn about spear phishing emails

    • Beware of ransomware

  • Recognize the signs of client data theft

    • Clients receive IRS letters about suspicious tax returns in their name

    • More returns filed with your Electronic Filing Identification Number than you submitted

    • Clients receive tax transcripts they did not request

  • Create a data theft recovery plan

    • Contact local IRS stakeholder liaison immediately

    • Assist IRS in protecting clients

    • Contract with cybersecurity expert to stop thefts


[1] “Tax Security 2.0 – A ‘Taxes. Security. Together’ Checklist,” IRS Website, July 9, 2019, https://www.irs.gov/newsroom/tax-security-2-point-0-a-taxes-security-together-checklist, retrieved July 11, 2019

[2] “Tax Security 2.0 The Taxes-Security-Together Checklist,” IRS Website, June 12, 2019