Practice Management Act fast after discovering a data breach Read the Article Open Share Drawer Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window) Written by Intuit Accountants Team Modified Sep 27, 2023 2 min read Anyone can be a target of cybercriminals and scammers. Unfortunately, tax professionals can seem like the big fish in a sea of potential targets because of how much financial data they use to conduct their business. Even a careful, prepared tax pro may fall victim to a crime. If that happens, there are several key things you should do to protect your clients and their businesses. Client data It is vitally important that tax professionals inform all their clients of a breach and encourage them to apply to the IRS for an Identity Protection Personal Identification Number (IP PIN). The Electronic Tax Administration Advisory Committee called the IP PIN “the number one security tool currently available to taxpayers from the IRS.” Preparers should work with law enforcement to determine when it’s best to send an individual letter to all potential victims to inform them of a breach. How to report a data breach If you know your firm’s data has been compromised, here is what you should do: Contact the IRS. Report client data theft to your local IRS Stakeholder Liaison. The liaison will notify IRS Criminal Investigation and others within the agency on your behalf. If reported quickly, the IRS can take steps to block fraudulent returns in clients’ names. Call local police. You should contact police to file a report on the data breach. File a complaint with the FBI’s Internet Crime Complaint Center. File a report with the nearest office of the Secret Service. To help you find where to report data security incidents at the state level, the Federation of Tax Administrators has created a special page with state-by-state listings. Contact your attorneys general for each state in which you prepare returns. Help from other experts Security expert. You should consult an expert who can help determine the cause and scope of the breach to stop the breach and prevent further breaches from occurring. Insurance company. You should report the breach to your insurance company, and check if the insurance policy covers data breach mitigation expenses; in fact, you should know this regardless of a data breach. Federal Trade Commission. You can go to the FTC for guidance. For more individualized guidance, email the FTC. Credit and identity theft protection agency. Consider your options for the future. In addition, certain states require that preparers offer credit monitoring and identity theft protection to victims of identity theft. Credit bureaus. Notify the bureaus if there is a compromise. Review security measures used to protect client data Data protection is key in helping avoid data breaches. To help protect you and your firm, the IRS, state tax agencies, and the tax industry partners who make up the Security Summit created a Taxes-Security-Together Checklist. Whether a sole proprietor or a partner in a large firm, everyone can take several relatively simple steps to protect their clients and business data. Previous Post Moving to a virtual and paperless office Next Post Selecting the right location for your firm Written by Intuit Accountants Team The Intuit® Accountants team provides ProConnect™ Tax, Lacerte® Tax, ProSeries® Tax, and add-on software and services to enable workflow for its customers. Visit us at https://proconnect.intuit.com, or follow us on Twitter @IntuitAccts. More from Intuit Accountants Team Comments are closed. Browse Related Articles Tax Law and News IRS Offers Tax Preparers Tips Following a Data Theft Tax Law and News Watch out for “new client” email scam Tax Law and News Protect Client Data With the IRS Taxes-Security-Togethe… Tax Law and News New Wave of Attacks Focused on Tax Professionals Tax Law and News FTC safeguard rule now requires multi-factor authentica… Practice Management Is your taxpayer data secure? Tax Law and News ID Theft Protection Services Provided After a Data Brea… Practice Management 8 elements in your Written Info Security Plan (WISP) Practice Management How to stay in lockstep with the IRS “Security Six” Practice Management Cybersecurity basics for the tax practice