By Frank Byrt
The IRS warned tax preparation professionals in a March 18 e-mail that the security of taxpayer accounts and personal information should be a top priority, as referenced in Revenue Procedure 2007-40, which outlines the obligations of IRS e-file providers.
In the e-mail, the IRS asked tax preparers to review the following documents:
- Publication 4557, Safeguarding Taxpayer Data: A Guide for Your Business, which provides information on federal and state information security laws and regulations as well as industry standards and best practices. It describes the various security provisions and rules that impact tax professionals. The document assists tax professionals in understanding their requirement to protect the privacy and confidentiality of taxpayer data, and it provides guidance to implement the necessary security controls to satisfy these requirements.
- Publication 4600, Safeguarding Taxpayer Information: Quick Reference Guide for Business, which summarizes Publication 4557, is written for businesses involved in the preparation and filing of tax returns. It provides information on requirements to safeguard taxpayer information, safeguarding techniques, and data security incidents.
The IRS has been aggressive in pursuing identity theft cases. During January, the IRS Criminal Investigation Division expanded its efforts to include 1,460 identity theft investigations since the start of the federal 2012 fiscal year on October 1, 2011.
But the IRS itself was warned about safeguarding taxpayer data in a March 2012 report issued by the Government Accountability Office (GAO) last week. The report, Information Security: IRS Has Improved Controls but Needs to Resolve Weaknesses, says there are serious weaknesses in information security controls that "could affect the confidentiality, integrity, and availability of financial and sensitive taxpayer data" (see GAO Takes IRS to Task on Information Security Control Lapses).