Tax preparers have a duty to create and follow strict electronic and procedural safeguards to ensure taxpayer personal information is secure and not available to unauthorized parties. This requirement is detailed in the Internal Revenue Code.
What the IRC says about disclosing taxpayer data
Section 7216 of the Internal Revenue Code prohibits the IRS and tax professionals from knowingly or recklessly disclosing tax return information to anyone else without the taxpayer’s explicit consent. Violation of this rule is a federal crime that may draw a fine of up to $1,000 and imprisonment for as long as a year for each violation.
Section 6713 of the IRC imposes a $250 civil penalty on anyone engaged in preparing taxes who discloses information furnished for the purposes of preparation, or uses the information for anything outside of tax preparation. Section 6713 doesn’t require the disclosure to be knowing or reckless and applies to casual preparers who are compensated and intermediate service providers.
Consent can be provided either with Form 8821 or Form 2848. However, there are several exceptions to the non-disclosure rule.
Exceptions to IRS Code Section 7216
Under Treasury Regulations section 301.7216-2, sharing a taxpayer’s tax information without consent is permitted by law only under the following circumstances:
A tight security protocol eliminates the potential for penalties
The penalties for violating a taxpayer’s right to confidentiality are steep. Taxpayers can file a civil lawsuit for damages when their tax information has been illegally furnished to another party.
In 2015, the Federal Trade Commission filed a complaint against tax software company TaxSlayer, LLC which alleged that malicious hackers gained access to 9,000 accounts. The complaint charged that hackers used the data to file fraudulent tax returns and obtain tax refunds.
The complaint filed by the FTC accused TaxSlayer of violating the Gramm-Leach-Bliley Act’s Safeguard Rule and the Privacy rule. As a result, the company was ordered to obtain biennial third-party assessments for ten years to ensure ongoing compliance.
3. Double down on electronic data security
State and federal laws require tax preparers to maintain control over the security of electronic data from clients. Each state has its own set of data privacy laws, some of which are inspired by GDPR regulations.
Most state laws require businesses to disclose exactly what personal information is collected, and the purposes for which it is used. Businesses are required to provide consumers with a copy of their data—or delete the data—upon request. All valid deletion requests must be honored.
You can never be too careful about how you handle data privacy. Regardless of what the laws currently allow, it’s best to maintain top security practices such as end-to-end encryption and user authentication.
How to maintain strict control over electronic client data
Restrict access to all desktop and cloud-based applications by requiring employees to log in to an account, and do not allow shared credentials. The following access mistakes can be disastrous:
Bypass the stress of privacy concerns with Taxfyle
Are you confused or frustrated trying to stay compliant with ever-changing data protection laws? Onshoring your tax return preparation with Taxfyle is the best way to maintain client privacy as required by law.
We use top-of-the-line, secure software and servers to keep client data safe. Our licensed tax professionals employ a variety of accounting softwares so we can match you with professionals who have the same software as your team.
We take data security seriously, so we encrypt all client data at rest and in transit. Our database maintains strict SOC 2 compliant controls with data security, information policy, and compliance requirements. Your clients’ personal financial data is safe with Taxfye.
We’ll prepare as many returns as you need, so you can focus on client relationships and augmenting your primary operations. Request a live demo today and see how we can transform your firm.
Get the latest posts delivered right to your inbox