What I Wish My CPA Knew
By Kristin McQuivey, Writer, eFileCabinet
This year my husband and I were in the market for a new accountant. We had had a couple of ‘less-than-stellar’ experiences with our prior CPA, and it was time to shop around. After spending the last two years as a writer for eFileCabinet, a paperless software that was originally founded specifically for the accounting professional, let’s just say that I’ve learned a lot about what’s important when handling confidential information. And it suddenly really matters—a lot—when it’s my own family’s confidential information we’re talking about.
The first accountant came highly recommended from a friend. Upon meeting with him, he was very personable, seemed to know what he was doing, and had us pretty convinced, until I asked him about his document management processes.
“Oh,” he said. “I just use the Windows filing system. I don’t see a need to pay extra for one of those ‘official’ software systems.”
Red flag number one. “Well, how do you back up everything? How do you keep all your files safe?” He said he was sure someone did that, and there was a server somewhere…maybe. “And how do you send and receive information with clients?” I pressed. He smiled and said email attachments seemed to work just fine.
I have no doubt that this fellow could number crunch with the best of them. He seemed honest and likable and, as I said, came highly recommended. However, I simply know too much about what can potentially happen with the jackpot of personal information I hand over to him. His lack of knowledge and lackadaisical attitude about protecting my information in this day and age, where someone’s identity is stolen every two seconds, simply won’t do.
Here are a few things I want to make sure my CPA knows:
Security is KEY.
Not only should my information be secure from unauthorized access, it also needs to be kept safe from physical harm or destruction. I want to know my files are protected with bank-level (look for 256-bit AES encryption) security both at transit and at rest. There should be daily file backup, preferably both physically and in-the-cloud. With today’s threat level, your file backup should have a backup. Seriously. I also want to know there are user-based permissions and audit tracking, so only certain people can access my documents.
Please don’t email me a soft copy of my taxes.
Are you sending files that contain client information as email attachments? Do you ever back up or transfer information using a flash drive or CD? These are just a few examples of methods still used today that have zero compliance or security and leave you and your firm liable for any security breach.
Unencrypted email of confidential data, such as tax returns, W-2’s, and 1099’s, is a massive compliance and security problem. Emailing these documents can result in significant fines and penalties from state and federal regulators. You can mitigate the risks associated with un-encrypted email by using a web portal that is secure and compliant. Such a portal removes the need for FedEx, UPS, FTP, email, faxes, or personally driving to deliver critical files, and keeps my information completely secure in an incredibly convenient way for us both.
Please be well versed in information security as well as best accounting practices.
Be proactive after choosing a well-designed, secure document management system, and make sure each of your firm’s employees is trained in all data handling processes. If you’re one of the accountants in that firm, ask the right questions and learn about information security so you can answer client questions. This gives you immediate increased value in the eyes of your customers and better client retention as they have more confidence in your ability.
Why It Matters
These precautions protect both me and your firm, as potential disaster can come from an internal, inept employee, a malicious, mal-intended threat (internal or external), or even natural disaster. Having my information stolen is extremely costly—it’s expected to reach $100 billion in losses annually in the U.S. alone—and the havoc caused to victims’ finances is just the tip of the iceberg. When personal information is stolen, a world of criminal possibilities opens up. And, the more sensitive the information the thieves get, the worse the consequences can be. Just think of all the private information contained in your taxes! Chris Swecker, FBI security expert, stated, “Tax returns are the holy grail for the bad guys.”
Besides the huge financial hit, if my information is compromised, my credit score may never recover, not to mention the time it takes to try to resolve it. Victims often face years (yes, years!) of clean up with creditors and credit reporting agencies. (Read about Martina Henry’s expensive, 16-year nightmare when her identity was stolen here.)
Exposing my personal information is also potentially very costly to my accountant—think six-figure fines and the possibility of forced firm closure. Brian Tankersley, CPA, CITP, and Technology Editor for The CPA Practice Advisor Magazine, advises, “While security breaches can cost a company dearly when it comes to a marred public image and a loss in customer confidence, the actual financial costs can be staggering. Not having systems and procedures in place to manage risks associated with privacy breach laws and regs is the new way to lose your house.”
For more valuable information on how to protect your clients—and your firm—read my article DMS for Accountants: Not Optional Anymore. It’s full of helpful advice as well as exactly what to look for in a secure document management system. Wish I’d had a copy with me to leave with that otherwise highly competent CPA—the one who didn’t add me to his client base this year.
eFileCabinet is a leading provider of electronic document management software for small to mid-sized businesses. With electronic sharing capabilities and paperless filing, you can cut out pounds of paper and save your business time and money. With features like eSignatures, optical character recognition, instant electronic sharing, and cloud-based file storage, eFileCabinet can bring your office into the paperless era.
Are You Ready to Learn More?