According to a recent Woodard poll, two-thirds of accountants, bookkeepers and tax preparers do not have a formal plan to protect their client information. Experts predict that oversight of data security plans will increase this year and onward, and non-compliant firms will face potential investigation by the Federal Trade Commission (FTC) with the promise of substantial penalties.
Which portion are you in? Do you have a formal plan or not? Do you protect your clients' data? Are you taking all of the steps that you should be?
And have you documented your plan and the steps you take?
Regardless of your practice size, you need a robust data security plan (although it will take much less time to implement and document for a sole practitioner). In this series of articles, we have outlined the components of a data security plan per IRS recommendations
In this final article in the series, we will outline how you need to write down your data security plan as required by the FTC's Standards for Safeguarding Customer Information. And, more importantly, we will provide an Excel workbook that will help you evaluate, implement and document your data security plan.
The FTC's standards require you to develop, implement, and maintain a comprehensive security program that is appropriate to the size and complexity of your practice and the nature and scope of your services. What exactly does that mean?
Your comprehensive security plan should include all of the measures implemented within your organization, including these five components we have previously outlined. Each of these components is described, including action items for you to take, in these articles.
Your plan should describe the role that each person in your organization (including any contractors or service providers) plays in security. In addition, your plan should address how you will educate your team about methods hackers use to access data and best practices to counteract those threats.
How you choose to document your data security plan is up to you. As an accounting professional, you are probably quite comfortable with Excel spreadsheets. That is why we created an Excel workbook that you can download for free. The workbook includes steps and action items to walk you through evaluating your risk and implementing data security measures. When you are finished, the workbook will then serve as your documentation.
Book a free accredited 45-minute security consultation with the experts at Practice Protect. In addition to the free consultation, you will also receive:
1. Download the Data Security Evaluation, Implementation and Documentation Workbook
2. Read the instructions on each worksheet. Use the links on each page for more detailed information provided in the Data Security Plan series.
3. Complete each worksheet, including all action items.