As we reported in early April, the IRS has seen increasing numbers of fraudulently-filed individual tax returns in recent years. A small number of the individual tax returns we filed by April 15th could not be filed electronically due to tax refund-related identity theft from sources outside our firm. One circumstance, according to the Oregonian, affected individuals who volunteered with the Archdiocese of Portland and Seattle; we believe that at least some of our affected individuals may have had their information stolen via this operation.
Coping with theft of your social security number is cumbersome and time-consuming, and it will certainly delay the processing of your individual tax return. It may even prevent you from being able to file your return electronically in future years. Perpetrators of these frauds acquire social security numbers and other personal information from various sources; the FBI recommends taking various common-sense steps to protect your personal information, including limiting with whom you share sensitive personal information.
As your CPA, we know that we are someone to whom you have to give sensitive information, such as your social security number. We want to let you know the steps we take to protect your information and raise your awareness about some of the tools we use to limit its exposure:
- Any paper documents you may provide to us are held within secured areas to which only authorized personnel have access.
- Computer files containing your data are stored only on our network servers, or on the servers of authorized vendors for tax processing and similar functions, who are legally required to maintain the privacy of your information. Our network is secured by firewalls and other security controls that only permit access to authorized personnel using encrypted connections.
- Our policies require us to protect our portable and mobile devices through a variety of measures, including strong passwords, automatic screen locks and remote data destruction if devices are lost or stolen.
- Our policies prohibit us from emailing sensitive information to you, unless we either password protect it, send it via encrypted server, or both.
- Our policies (and federal law) prohibit us from sharing your information with third parties without your explicit, written consent.
At times, these security practices can create inconveniences – for instance, we cannot directly provide a copy of your individual tax return to your banker, and we cannot email you a copy of your tax return or an estimated tax payment voucher unless we password protect it.
One way to securely share information, that’s more convenient than password-protected emails, is through the use of our client portal. Our client portal is a secure website through which we can post and retrieve information, but only after logging in using a strong (14 characters or more!) password. Many of you may already be using our portal, but if not, we certainly encourage you to sign up. We can establish a folder that only you and we can access, where you can post information for us (such as tax documents), or retrieve information we provide to you (such as your tax return or estimated payment voucher) without going through email servers or the unsecured devices that access those email accounts.
We believe sharing information through the portal is a great way to keep your sensitive personal information, well, secure. If you’d like to sign up to use our portal, please print the Portal Access Agreement, sign it, and return it to your Perkins & Co contact.
Author: Susan Sterne, CPA, Shareholder
This blog post is a summary and is not intended as tax or legal advice. You should consult with your tax advisor to obtain specific advice with respect to your fact pattern. Based on the most recent “best practice” standards for tax advisors issued by the Treasury Department, commonly referred to as Circular 230, we wish to advise you that this blog post has not been prepared to be used, and cannot be used, to provide assurance that penalties which may be assessed by the IRS or other taxing authority (including specifically section 6662 understatement penalties) will not be upheld.