IRS Pub 4557 Compliance for Tax Practitioners
IRS Publication 4557 provides seven checklists for tax preparers to help protect tax clients’ tax data. The safeguards also protect your business from a data breach and the resulting loss of revenue and reputation.
Encyro provides sophisticated security and privacy safeguards to help you securely send and receive clients’ tax data including W2’s, pay stubs, tax returns, signature pages, business accounting records, voided check photos, and other financial information.
Specifically, related to the requirements for Information Systems Security and Computer Systems Security sections, Encyro provides you with the following built-in safeguards:
- Ensure that storage areas are protected against destruction or damage from physical hazards, like fire or floods. Enyro’s storage is protected against physical hazards using 3 way encrypted replication within each data center and then additional replication at another data center.
- If you collect information online directly from customers, make secure transmission automatic. Caution customers against transmitting sensitive data, like account numbers, via email. Encyro provides you with an upload page (with Pro membership), to make it super-easy for customers to send you data securely. Place your Encyro upload page link in your email signature and encourage customers to use it in any email you ask them to send you sensitive paperwork.
- If you must transmit sensitive data by email over the Internet, be sure to encrypt the data. Encyro does this for you.
- Use strong passwords of 8 or more characters. (Encyro in fact enforces additional requirements for strong passwords including the use of multiple types of characters: uppercase, lowercase, numeric, and special. You must enable your compliance settings to activate this protection.)
- Encrypt all sensitive files and emails. Encyro protects files and emails that you share with others using Encyro.
- Back up sensitive data to a safe and secure external source. (Encyro not only acts as an offsite backup for your data, but internally all Encyro data is backed up encrypted on a distant data center, hundreds of miles away from the primary data center serving your data.)
Please note that the IRS publication also requires you to secure your data outside of Encyro. To help you with that, the Encyro blog provides several helpfulcybersecurity articles, especially:
- Strong passwords for your computer
- Enforce screen lock after inactivity
- Secure your WiFi network
- Device security
- Physical data security
- Secure data disposal
The IRS publication 4557 checklists are discussedhere.
Gramm Leach Bliley (GLB) Act Compliance
The GLB Act of 1999 and the Safeguards Rule of 2002 require all financial service providers to protect their customer's financial privacy and is enforced b...
Encyro helps you comply with FINRA cyber-security requirements is the following ways: Encyro maintains the confidentiality and integrity of data as require...
PCI-DSS requires safeguarding credit card data that you receive. Email is not a secure way to ask a customer to provide their credit card information to se...
The SEC Regulation Title 17: Chapter II, Part 248, Subpart A: §248.30 requires every broker, dealer, and investment company, and every investment adviser ...
NIST 800-171 Compliance
National Institue of Standards and technology (NIST) Special Publication 800-171 or NIST-SP800-171, specifies requirements for non-Federal computer systems...
Can the files be securely downloaded from Encyro to Google Drive, OneDrive, or DropBox?
There are two options to download files from your Encyro account to Google Drive, OneDrive, or DropBox: If you use the desktop app for those services (such...
The General Data Protection Regulation (GDPR) of 2018 applies to all businesses that collect any data from customers or clients in the European Economic Ar...
Can I Avoid Having to Login Each Time?
If you are being asked to login every time you visit your Encyro account, it is likely that you or your organization's compliance settings have enforced au...
Is Encyro HIPAA Compliant?
Can I use Encyro for HIPAA compliance? Can I store and send patient information using Encyro? Encyro complies with Health Insurance Portability and Account...