Any record about a consumer that is held by a financial institution, including tax returns, Social Security numbers, and financial account data.
Under the FTC Safeguards Rule, customer information means any record containing nonpublic personal information about a consumer that is handled by or on behalf of a financial institution (16 CFR 314.2(d)). For CPA firms, this includes tax returns, W-2s, 1099s, Social Security numbers, bank account information, mortgage details, brokerage statements, and any other client financial record. Customer information includes records held electronically, in paper form, and in any other medium.
The scope of customer information determines what your security program must protect. Many firms underestimate it, focusing only on tax returns while overlooking working papers, email attachments, voicemails with bank details, and old paper files. Every system that touches customer information falls under the Safeguards Rule. Your data inventory and WISP must cover all of it, not just the tax software.
The Data Inventory & Classification module handles this for your firm, personalized to your software, team size, and state requirements.
See plans and pricingA comprehensive record of all systems, applications, and locations where your firm stores, processes, or transmits client data.
A federal regulation requiring financial institutions, including tax preparers, to develop and maintain a comprehensive information security program.
A documented set of policies and procedures describing how your firm protects sensitive client data.
Buy the WISP yourself if you need the document.
Talk to us if you want the platform.
We use cookies to measure site performance and improve your experience. No data is sold to third parties. Privacy Policy