The IRS is reminding tax professionals about the federal mandate to have a Written Information Security Plan (WISP) designed to help protect them against threats from identity thieves and data breaches.
The Gramm-Leach-Bliley Act, signed into law in 1999, requires all financial institutions to protect customer data. Under the law, tax and accounting professionals are considered financial institutions and must implement a data security plan.
The IRS emphasized that a good WISP focuses on three areas:
- Employee management and training
- Information systems
- Detecting and managing system failures.
The IRS offers tools and resources to help tax professionals, especially smaller practices, develop a WISP.