November
2009
|
Article
The IRS on Thursday announced a pilot program aimed at deterring identity theft (Notice 200993). Under the program, filers of certain paper information returns will be allowed to truncate the payee’s Social Security number on the payee statement. The change affects statements for 2009 and 2010. Only paper payee statements for forms in the 1098, 1099 and 5498 series are eligible for the program.
|
|
|
November
2009
|
Article
The AICPA filed a lawsuit on Tuesday seeking to bar the Federal Trade Commission from applying its socalled Red Flags Rule to CPAs. The Institute says the rule, which is designed to help prevent identity theft, would “impose onerous and unnecessary requirements on AICPA members.” The lawsuit, filed in U.S.
|
|
|
October
2009
|
BY
Gerard H. Schreiber Jr., CPA
|
Article
IRS rules effective Jan. 1, 2009, delineate more strictly tax return preparers’ duties to safeguard taxpayer information from unauthorized disclosure or use. IRC § 7216 imposes criminal penalties on the unauthorized use of taxpayer information. The requirements are closely tailored to the type of information, the party using it, and whether that party is inside or outside the United States.
|
|
|
August
2009
|
BY
MATTHEW G. LAMOREAUX
|
Article
The AICPA on Tuesday asked the Federal Trade Commission (FTC) to exempt CPAs from certain provisions of its Red Flags Rule to prevent identity theft. The current action by the AICPA follows an FTC announcement last week that it would delay enforcement of the rule until Nov. 1.
|
|
|
July
2009
|
BY
James F. Leon
|
Article
All of your business systems’ users have confidential passwords. Does that mean your system and its contents are safe? Definitely not. As this article explains, organizations that don’t ensure the ongoing security of their passwords are exposing themselves to fraud and potential liability by failing to protect confidential information.
|
|
|
July
2009
|
BY
JAMES F. LEON
|
Article
Editor's note This is a Webexclusive exhibit for Password Management Strategies for Safer Systems. Advise users to never put their password on a Postit Note or in another unsafe location. Prohibit users from including a cleartext password in an email message. Require users to consult a manager when an unfamiliar person asks for a password via email or over the phone.
|
|
|
July
2009
|
BY
JAMES F. LEON
|
Article
Editor's note This is a Webexclusive exhibit for Password Management Strategies for Safer Systems. Primary Security Risks Effective Countermeasures Failing to enhance password security in order to focus on searching for a “perfect” security system and obtaining more funding. Immediately improve password security procedures.
|
|
|
July
2009
|
BY
James F. Leon
|
Article
Editor's note This is a Webexclusive exhibit for Password Management Strategies for Safer Systems. Term Definition Clear Text Unencrypted characters in, for example, a password. Crack To decode an encrypted password. Social Engineering A hacker’s use of a plausible pretext to intimidate or trick an employee into divulging a password without proper authorization.
|
|
|
June
2009
|
BY
SIMON PETRAVICK, STEPHEN G. KERR
|
Article
Their widespread use sometimes makes relatively new technologies seem safer than they are. In fact, even popular and advantageous innovative devices may have significant risks. Prominent examples include datafilled laptops and flash drives. Recurrent headlines make it clear Your laptop could become one of the thousands lost or stolen every year.
|
|
|
June
2009
|
BY
SIMON PETRAVICK, STEPHEN G. KERR
|
Article
Editor's note This is a sidebar for Protect Your Portable Data Always and Everywhere. CPAs should understand their ethical, legal and regulatory responsibilities to safeguard data. The following listings direct you to primary sources LAWS, REGULATIONS Federal laws Federal Trade Commission, GrammLeachBliley Act, Disclosure of Nonpublic Personal Information, tinyurl.com8k3e6 Department of Commerce, National Institute of Standards and Technology, Federal Information Processing Standards (FIPS), csrc.nist.govpublicationsPubsFIPS.html Department of Education, Family Educational Rights and Privacy Act (FERPA), tinyurl.com3ydvw Department of Health and Human Services, Office for
|