Why is it mandatory for tax preparers and accounting firms to have a client portal?
Over the years there have been major issues with data breaches. Client information has been compromised from not only small companies but also large very well known ones. This issue has prompted the need to create secure client portals as the only means to exchange information.
There have always been rules in place that accounting firms must adhere to in order to protect their client’s personal information. Unfortunately, there are numerous ways this information can be stolen. Hacking is, of course, the big one which can be done through the website and especially email. Information stored on a device can easily be stolen, deleting the information incorrectly, and of course plain old fraudulent behavior.
Your accounting business no matter how secure you think it is is not immune to these problems. For years this has been happening, so what steps can be taken to lower your chances of being a victim.
Remember this doesn’t just affect your clients and their information but the backlash and cost to your accounting firm could be substantial, especially if you are a small to medium size firm.
Lawsuits – Clients can take you to court for any kind of a data breach.
Federal Compliance Fees and Penalties – If you haven’t followed it to the letter, you could wind up paying substantially to the government.
Poor Insurance Coverage – You need to consult thoroughly with your insurance company to make sure there are no loopholes they can find if a breach happens. If they do you will not be covered and end up paying a lot.
Loss of Reputation – If a breach happens people will lose their trust in your company, making it hard to keep and earn more business.
There are multiple things you must understand about the Federal Regulations first to ensure you are following the proper guidelines. The government has implemented 6 privacy and security standards that will provide better protection to taxpayers and their private information that is collected. Although these regulations have been around for years, it’s really being enforced due to so many problems.
1. Extended Validation SSL Certificate (EV SSL)
SSL certificates are common to have for most websites. However, there are basic inexpensive certificates that you don’t want to use for your accounting website. Ensure that you are purchasing the actual Extended Validation one.
2. External Vulnerability Scan
You should consistently be scanning your entire network and every component/system within your organization to ensure there have been no breaches. These scans should at minimum be done weekly. If there are any vulnerabilities, steps need to be taken right away to fix it. You must report everything and keep records of all your scans.
You must also ensure that scans are in accordance with the Payment Card Industry Data Security Standards (PCIDSS). These scans must also be completed by a third-party company outside of your organization who is on the list of Approved Scanning Vendors (ASV). Your hosting company must comply with PCIDSS as well.
3. Safeguard Policies and Information Privacy
You must also have proper accreditation and/or a license seal and a privacy seal. These can be acquired from a consumer protection vendor but that vendor must be IRS approved.
4. Protection from Bulk Filing of Income Tax Returns that are Fraudulent
This is also for companies who run their income tax business online. You must have proper technology that can successfully protect your website from bulk filings of income tax returns that are fraudulent. Without this, you cannot run your business.
5. Domain Name Registration
For your online income tax business, your domain name should not only be registered with a company that is in the United States but it should also be accredited by ICANN. You also can’t have a private domain name as it must be public and locked.
If you have a security incident which can be anything from hacking to improper dispensing of information you must report it right away to the IRS. By right away that means the day it happened and no later. If your website is causing the issue then you must stop using and collecting any client information. Once the issue is successfully resolved you can resume website use.
What can you do to help keep everything secure?
Well, many businesses communicate primarily through email. Accounting firms and tax preparers can no longer pass any information back and forth with their clients. All details and information must pass through a secure client portal. Again, this is to help protect your business and your clients.
A huge problem has been emails. Many companies send emails to clients every day. It’s not enough to just have encrypted emails, you have to have a client portal. If you are an accounting firm and you do not have a client portal it’s time to create one.
You will find many companies out there who provide ready-made client portal software specifically for accounting firms and tax preparers.
If you are looking for a simple solution to integrate into your website, a ready-made portal is a great solution and cost-effective. You can use a software development company like SDI to help you update your website to include this new client portal. The only issue with this is there is less flexibility if you want to customize anything. You have to use what the software has and you may have access to features that you don’t even need for your company.
The other option is to create a custom portal for you and your clients. Creating a custom SaaS for your business has a lot of benefits. You will have the ability to customize features and functions exactly the way you want them. It can create a better user experience for both you and your clients. This option does take a little more time and money but you get exactly what you want. You should make sure that when you hire a software development company that they know how to follow the proper federal guidelines and regulations when implementing this.
No matter which route you choose to go with, the main point is that you must have a client portal. Some of the key features you want to include are:
1. Upload documents – Drag multiple documents and files at one time into the system. It should also support many different file formats and sizes.
2. Organize – Create folders where you can easily house all your files.
3. Tracking – The software should track everything that happens so you know who made the action, when they did it, and exactly what they did.
4. E-signature – With one click you can sign any document to send out without the need to print, sign, and scan.
5. Communication – You need a simple and very secure way to communicate not only with others within your company but also with the clients. Assign tasks to employees and partners as well.
6. Permissions – Flexibility to give employees and even clients access to certain functions within the software or take them away.
7. Encryption and Security – Bank and government level encryption is needed. All documents and communication must be completely secure.
8. Review – Preview any documents in any format you wish.
One thing to remember is that your clients have a lot to choose from when it comes to tax software and even apps. You want to ensure that you use or create something that is really easy to use. Taxes are no fun but your software could make it a little more pleasurable.
There are so many options and features you can include into your portal beyond just these. If you haven’t already implemented a client portal for your accounting firm then it’s now time to do so. Even if you have one, it might be time to update it to match client demand and changes within the industry. If you want to learn more about which ready-made software is best for your accounting firm or create a custom software then contact Sakshi Sharma at 408.621.8481 or firstname.lastname@example.org.