IRS releases written information security plan template – what does this mean for tax pros?

After requests from tax preparers, the IRS, in conjunction with the Security Summit, released new tools to aid tax professionals in establishing a written information security plan.

This Aug. 9 guidance was long-awaited since the IRS released information in 2020 stating, “Anyone who prepares or substantially helps prepare any federal tax return or claim for refund for compensation must have a valid PTIN from the IRS. During the renewal process, you’ll be asked to attest to your data security responsibility, and whether you are aware of your obligation to have a data security plan in place to provide data and security system protections for all taxpayer information.”

Personal data is extremely valuable in the world of cybersecurity, and tax preparers hold a substantial amount of sensitive client information in their systems, making them prime targets for cyberattacks.

NATP recently discussed the template’s release with data security expert and NATP instructor Brad Messner, who has been teaching a workshop about the importance of data security plans for years.

NATP is hosting a data security online workshop taught by Messner in September, where attendees will learn what information is necessary to complete a plan, including how to implement and manage it for in-person and virtual offices. Attendees will leave with a plan that meets IRS and insurance requirements.