IR-2023-129: Specially designed Security Summit plan helps tax pros protect data; summer security series begins
Internal Revenue Service (IRS) sent this bulletin at 07/18/2023 10:22 AM EDT
|
|||
News EssentialsThe Newsroom TopicsIRS Resources |
Issue Number: IR-2023-129Inside This IssueSpecially designed Security Summit plan helps tax pros protect data; summer security series begins WASHINGTON – Kicking off an annual education effort, the Internal Revenue Service and its Security Summit partners today encouraged tax professionals, especially smaller practices, to take advantage of its security plan template designed to make data security planning easier. The Written Information Security Plan or WISP is a 28-page, easy-to-understand document developed by and for tax and industry professionals to keep customer and business information safe and secure. The Security Summit - including tax professionals, industry partners, state tax groups and the IRS - developed the WISP. Summit members will highlight the template at each of the five IRS Nationwide Tax Forums to be held this summer throughout the U.S. This is the opening news release in a five-part "Protect Your Clients; Protect Yourself" summer series from the Security Summit, a public-private partnership that works to protect the tax system against tax-related identity theft and fraud. The news release series and the IRS Tax Forums will provide important information to help protect sensitive taxpayer data that tax professionals hold while also protecting their business from identity thieves. This marks the eighth year that the Security Summit partners have worked to raise awareness about these issues through the "Protect Your Clients; Protect Yourself" campaign. “Tax professionals form a critical part of the defense against identity thieves and scammers,” said IRS Commissioner Danny Werfel. “The IRS and Security Summit partners remain vigilant to emerging identity theft schemes and scams, but tax professionals following the steps outlined in the security plan will provide valuable protection to their practices as well as their clients.” Knowing that tax professionals play a critical role in our nation’s tax system, the Summit – led by the Tax Professionals Working Group – spent months developing the WISP, including a special sample document that allows tax professionals to quickly focus on developing their own written security plans. “It’s more important than ever for tax pros to protect their data, passwords and other information,” said Kimberly Rogers, director of the IRS Return Preparer Office and co-chair of the Summit’s Tax Pro Working Group. “With cyberattacks against tax professionals continuing, having a sound security plan makes not only good business sense, it’s also the law. But knowing where to start can be challenging. The Security Summit members worked together on this plan to make it easier for all tax professionals to develop an approach that is right for them.” Given the importance of security plans, the WISPs will be a special focus at the IRS Nationwide Tax Forums this year. The forums continue next week in Atlanta followed later in the summer in the Washington, D.C. area., San Diego and Orlando. The IRS reminds tax pros that registration deadlines are quickly approaching for several of the forums. “These security plans provide valuable tips and information to help tax pros develop an effective plan that’s appropriate for their business,” said Jared Ballew, who was one of the Summit members who helped develop the WISP. Ballew serves as Vice President of Government Relations at Taxwell, representing Drake Software and TaxAct and will be leading the Tax Forum sessions on the WISP. “The Security Summit partners continue to urge tax pros to make sure they have a strong security plan in place, and the WISP is a great place to start for many practices.” The basics of a WISP Throughout the process, tax pros are reminded that a security plan should be appropriate to the company’s size, scope of activities, complexity and the sensitivity of the customer data it handles. There is no one-size-fits-all WISP. The IRS also reminds tax professionals that a WISP is just one part of what they need to protect their clients and themselves. Given the rapidly evolving nature of threats, the Summit also strongly encourages tax professionals to consult with technical experts to help with security issues and safeguard their systems. A good WISP focuses on three areas:
Tax pros required to have a security plan under the law The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to protect customer data. Under this law, tax and accounting professionals are considered financial institutions, regardless of size. In its implementation of this law, the Federal Trade Commission (FTC) issued measures required to keep customer data safe. One requirement is implementing a WISP. As a part of the plan, the FTC requires each firm to:
Tax pro with a security problem? Contact an IRS Stakeholder Liaison Additional resources
Thank you for subscribing to the IRS Newswire, an IRS e-mail service. If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe. This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message. |