Blog

IRS Adds Security Requirement to W-12 PTIN Application and Renewal Form

minute read

By

Last Updated September 1, 2023

Category Accounting firm improvement

Share

The IRS recently released the updated W-12 (PTIN Application Renewal) form and one of the questions that preparers will need to take note of is #11-Data Security Responsibilities which states:

“As a paid tax return preparer, I am aware of my legal obligation to have a data security plan and to provide data and system security protections for all taxpayer information. Check the box to confirm you are aware of this responsibility.” 

Security responsibility and resources are outlined in IRS Publication 4557-Safeguarding Taxpayer Data and IRS Publication 5293-Data Security Resource Guide for Tax Professionals.

 

“Protecting taxpayer data is the law” according to IRS Publication 4557 which states that tax preparers must create and enact security plans to protect client data and online filers must comply with the “Security Six”  and privacy standards set in IRS Publication 1345-Handbook for Authorized IRS e-File Providers of Individual Income Tax Returns.  The Security Six refers to the use of anti-virus software, firewalls, multi-factor authentication, backup software/services, drive encryption and virtual private networks as outlined in the IRS’s publication: “Tax Security 2.0.”

 

To create a written data security plan the IRS provides guidance in Publication 4557 as well as recommending the National Institute of Standards and Technology document on “Small Business Information Security-The Fundamentals.”

 

Publication 4557 states that tax preparers must be able to understand basic security steps and how to take them, recognize the signs of data theft and how to report a theft, be able to respond and recover from a data loss and understand and comply with the FTC Safeguards Rule.  Tax preparers must also learn to recognize phishing emails, utilize security software, and generally be able to work safely on the Internet as outlined in the guide. It is recommended that all firms assign a tax person to work with the firm’s internal information technology personnel and an outsourced information security provider to get the firm in compliance with these IRS regulations.

 

This article was originally published for CPA Practice Advisor. Copying or distribution without the publisher’s permission is prohibited.

Subscribe to our blog

Get Rightworks articles delivered straight to your inbox.
Privacy(Required)

About the author

RKCCP

Roman Kepczyk, CPA.CITP, CGMA, PAFM

Roman Kepczyk, CPA.CITP, CGMA, PAFM is Director of Firm Technology Strategy for Rightworks and partners exclusively with accounting firms on production automation, application optimization and practice transformation. He has been consistently listed as one of INSIDE Public Accounting’s Most Recommended Consultants, Accounting Today’s Top 100 Most Influential People, and CPA Practice Advisor’s Top Thought Leaders.

More articles by Roman Kepczyk, CPA.CITP, CGMA, PAFM

Related Posts

Time management during tax season: 3 tips

While you may be in the throes of tax season, there’s always time to work on your online presence…and we have the tips for success.

The promise of AI: Freeing up staff to holistically serve

Discover the promise of AI for the accounting profession, and learn how your firm’s business model is at the center of it all.

Nervous about AI? Goat tracks may be to blame

Discover what could be causing your accounting firm’s resistance to embracing AI. We provide three strategies your firm can use to overcome AI challenges.