IRS outlines security measures

Written on Jan 18, 2018

The IRS says it is continuing to review its procedures to protect sensitive taxpayer data as the 2017 filing seasons prepares to launch.

As part of this effort, the IRS will request additional information from tax professionals who contact the agency through the Practitioner Priority Service or any toll-free IRS telephone number.

This procedural change will require tax practitioners to provide personal information so that IRS customer service representatives may confirm the caller’s identity. This additional information may include data such as Social Security number and date of birth. The IRS says this personal information, in addition to the CAF number, is necessary to verify the identities of the person to whom the IRS is releasing taxpayer information.

The agency has also made an update to Form 2848, Power of Attorney, and Form 8821, Tax Information Authorization, that will require practitioners to inform clients if they are using an Intermediate Service Provider to access client transcripts via the Transcript Delivery System. A box must be checked by those using a third party. The IRS defines Intermediate Service Providers as privately owned companies that offer subscriptions to their software or services that the taxpayer’s authorized representative can use to retrieve, store, and display tax return data (personal or business) instead of obtaining tax information directly from the IRS. The IRS must know who is using our tools; and taxpayers must know when a party other than their authorized representative is involved in accessing their sensitive data.

The IRS has also strengthened protections for IRS e-Services. E-Services account holders should immediately upgrade their accounts through the new two-factor identity verification process. Some users might need to complete this process by mail, which could add 10 days or more to the process. In the future, each e-Service user will be required to sign a new user agreement to ensure they understand their security obligations.

Leave a comment