Oklahoma CPAs work with vast quantities of sensitive client data every day. Although professional regulations and fiduciary duty require CPAs to protect confidential client data, many of them unwittingly handle and store information in ways that put it at risk.
With identity theft on the rise and news stories about data breaches appearing on a routine basis, this is cause for serious concern.
So what’s the solution? Below are four comparatively easy ways that Oklahoma CPAs can preserve the integrity of client data.
1. Always Use Business-Grade File Hosting
A casual web search for cloud storage services turns up several instances of “free” solutions. Each has a paid solution as well, which support larger file transfers and more storage. While these services may be great for personal file hosting, be sure to use business-grade file hosting with complex security layers.
2. Stick To Secure File Transfer
Accounting professionals are required to transfer sensitive files every day: financial statements, tax returns, and payroll reports head the list of regularly handled information. The easiest way to transfer would be to attach the files to an email, but in this instance going the easy route is neither safe nor wise.
Confidential files should be transmitted using a cloud-based service that encrypts uploaded data and decrypts it upon download. Before choosing a service provider, the CPA must confirm that information is transmitted and stored using a minimum 128-bit encryption, that the data is stored in a SAS 70 or SSAE 16 compliant data center, and that the provider regularly performs third-party audits.
3. Educate Clients
CPAs can decrease the risk of data theft and compromise by helping clients develop strategies for data protection. Such strategies include encouraging clients to install encryption tools and firewalls on mobile devices and laptops, and advising how everyone can easily follow data-security protocols.
4. Monitor for Fraud
Taxpayer identity theft is becoming rampant, and Oklahoma CPAs are uniquely positioned to help their clients recognize potential fraud and react appropriately if it occurs. Because CPAs maintain consistent records of a client’s income, tax returns, and other data, they are in a good position to detect fraudulent behavior involving a Social Security or tax identification number. Tighter security can be applied to data that has not been breached while the fraudulent activity is reported.
Bottom Line
With taxpayer identity theft on the rise, Oklahoma CPAs need to become more self-aware when it comes to data handling, storage, and transmission. Because they maintain a consistent record of client income, returns, and financial habits, they should also be prepared to help their clients identify and respond to possible fraud, as well as explain the strategies that can help prevent data theft in the first place.
What methods does your CPA practice use to protect client data? Let us know your thoughts in the Comments box below.
If your Oklahoma CPA firm accesses client data with tablets and mobile phones and you’d like to learn how to best protect your clients, be sure to download your free Oklahoma CPA Mobile Security Checklist.
{{cta('4e1d93ad-9071-4f1f-8fae-eb01ef7ccfcd')}}
Leave a comment!
You must be logged in to post a comment.