Don’t take the bait, step 10: steps for tax pros with data incid - KAUZ-TV: Newschannel 6 Now | Wichita Falls, TX

Don’t take the bait, step 10: steps for tax pros with data incidents; tips to help protect clients, taxpayers

© iStockphoto.com / Amanda Rohde © iStockphoto.com / Amanda Rohde

From IRS.gov

WASHINGTON – The IRS, state tax agencies and the tax industry today reminded tax professionals that if they experience a breach or theft of taxpayer data they should immediately contact the IRS to help protect clients.

The IRS can take some steps to lessen the impact of tax-related identity theft on clients, but a quick response by tax practitioners discovering a problem can help avert problems. Generally, criminals work quickly to convert the stolen data into fraudulent tax returns to claim refunds.

Encouraging tax practitioners to report data thefts is the final news release in a 10-week, “Don’t Take the Bait” campaign, an effort focused on informing tax professionals. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to immediately report data losses to the IRS and state tax agencies. This is part of the ongoing  Protect Your Clients; Protect Yourself effort.

“The IRS, the states and the nation’s tax community continue to make progress in the battle against tax-related identity theft,” said IRS Commissioner John Koskinen. “But we need the help of tax professionals across the country to help strengthen this effort. In addition to working to ensure the safety of their systems, practitioners should promptly report identity theft or data breaches to help protect their clients.”

The IRS has created a reporting process for tax professionals. Those experiencing a data loss should contact their local IRS stakeholder liaison. The IRS representative will relay information to other parts of the IRS that need to know, including the Return Integrity and Compliance Services and Criminal Investigation divisions.

Also, be aware that some states require notification of data losses, and tax professionals should notify each state for which they prepare returns.

IRS stakeholder liaisons will need a list of the affected taxpayers, including names and Social Security numbers. Send the file to liaisons in a CSV (Comma Separated Values) format. If using Microsoft Excel, simply “save as” and scroll the list of options to CSV. Save and encrypt the file before emailing it to IRS staff.

Protecting Clients and Businesses by Reporting Data Thefts

Tax professionals should review IRS Data Theft Information for Tax Professionals for details on reporting losses.  Preliminary steps include:

Contacting the IRS and law enforcement:
 

Internal Revenue Service, report client data theft to local stakeholder liaisons.

Federal Bureau of Investigation, the local office.

Secret Service, the local office (if directed).

Local police – To file a police report on the data breach if required by insurance companies.

Contacting states in which the tax professional prepares state returns:
 

Any breach of personal information could impact the victim’s tax accounts with the states as well as the IRS. Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.

State Attorneys General  for each state in which the tax professional prepares returns. Most states require that the attorney general be notified of data breaches. This notification process may involve multiple offices.

Contacting experts:
 

Contact a security expert to determine the cause and scope of the breach, to stop the breach and to prevent further breaches from occurring.

Contact insurance companies to report the breach and to check if the insurance policy covers data breach mitigation expenses.

Contacting clients and other services:
 

Federal Trade Commission

For more individualized guidance, contact the FTC at idt-brt@ftc.gov.

Credit / identity theft protection -- certain states require offering credit monitoring / identity theft protection to victims.

Credit bureaus – to notify them if there is a compromise and clients may seek their services.

Clients – Send an individual letter to all victims to inform them of the breach but work with law enforcement on timing.

IRS toll-free assisters cannot accept third-party notification of tax-related identity theft. Again, preparers should use their local IRS Stakeholder Liaison.

Remember that all of the web page addresses for the official IRS website, IRS.gov, begin with http://www.irs.gov. Don' t be confused or misled by Internet sites that end in .com, .net, .org or other designations instead of .gov. The address of the official IRS governmental Web site is http://www.irs.gov/.

*DISCLAIMER*: The information contained in or provided through this site section is intended for general consumer understanding and education only and is not intended to be and is not a substitute for professional advice. Use of this site section and any information contained on or provided through this site section is at your own risk and any information contained on or provided through this site section is provided on an "as is" basis without any representations or warranties.
INFORMATIONAL DISCLAIMER The information contained on or provided through this site is intended for general consumer understanding and education only and is not intended to be and is not a substitute for professional financial or accounting advice. Always seek the advice of your accountant or other qualified personal finance advisor for answers to any related questions you may have. Use of this site and any information contained on or provided through this site is at your own risk and any information contained on or provided through this site is provided on an "as is" basis without any representations or warranties.
Powered by Frankly