New IRS e-file Security and Privacy Standards
The IRS has developed six new security and privacy standards to better protect taxpayer information collected, processed, and stored by Authorized IRS e-file Providers participating in Online Filing of individual income tax returns.
These new standards are based on industry best practices and are intended to supplement the Gramm-Leach-Bliley Act and the implementing rules and regulations promulgated by the Federal Trade Commission.
So, what does this mean for the average online tax-filer? It means that the company that you e-file through (TurboTax, efile, TaxACT, etc) will have to adhere to stricter policies and standards regarding the handling of customer information.
Most of these policies seem to be standard precautions from a security perspective. However, I can certainly understand how a provider may be unfamiliar with the risk involved with handling such sensitive information. The 6 suggestions are mostly focused on tightening the security around the provider’s web presence: they call for strong EV SSL certificates (SSL 3, 1024-bit RSA), weekly third-party vulnerability scans, a written privacy policy, CAPTCHA-like capability, an ICANN domain name from a registrar located in the USA, and the prompt reporting of security incidents.
These are all good policies and are definitely a step in the right direction. The only issue I see is that these “standards” are currently optional. Although the IRS suggests that providers follow them, they aren’t required yet. In a way, this defeats the purpose of having them in the first place.
4 thoughts on “New IRS e-file Security and Privacy Standards”
Comfortabl y, the article is in reality the sweetest on this laudable topic. I fit in with your conclusions and will thirstily look forward to your approaching updates. Saying thanks will not just be adequate, for the exceptional lucidity in your writing. I will instantly grab your rss feed to stay abreast of any updates. Fabulous work and much success in your business efforts!
But Virginia has a plan for something similar. It’s kinda’ silly to hold it off. It’s bad for business for one to have an unfair competitive advantage by evading taxes. On one point, they can in fact do it. If they don’t, the burden will eventually make it’s way back to the consumer. Look how invasive the RIAA lawsuits extended.
Super-Duper site! I am loving it!! where do you get all this info from.
I know this has changed from a CPA firm stand point as I now have to enroll with the IRS every year for my PTIN for tax preparers. I wonder how the e-file security will differ from your example of Turbo Tax and such using professional CPA Tax prep software.
Comments are closed.