GruntWorx Featured Post

Physical Data Security Tips for a Digital World

Filing season officially starts in ten days!

Before the panic washes over you, remember that the Internal Revenue Service has been hard at work developing resources that will help tax professionals be ready by January 27. This week, they issued a tax tip addressing the physical side of data security, which is an integral part of running a tax office.

It’s tempting to think of data security in purely digital terms. After all, you’ve likely dedicated a lot of time (and money) on decisions related to your office network:

  • Converting to a paperless environment
  • Developing unique usernames and passwords for online accounts
  • Installing and updating security software
  • Purchasing new computer equipment
  • Training staff to avoid the latest phishing scams
  • While all of those preparations are an essential part of protecting personally identifiable information, a recent IRS tax tip warns that you shouldn’t forget about tried and true pre-Digital Age security practices. Identity thieves are more than happy to rummage through your garbage to find data that they can steal.

    How do I protect data in my tax office?

    Criminals quickly incorporated digital platforms in their scams, since these tools exponentially increase their ability to target and defraud potential victims. However, that doesn’t mean identity thieves abandoned older strategies, like shoulder surfing, dumpster diving, and stealing mail.

    To protect physical documents from prying eyes, the IRS says that you need to ask yourself a few basic questions:

  • Are all the places where taxpayer information is located protected from unauthorized access?
  • What about other potential dangers such as theft, flood and tornado?
  • Are there written procedures that prevent unauthorized access and unauthorized processes?
  • Is taxpayer information left unsecured? This includes data stored electronically.
  • Did I check desks, photocopiers, mailboxes, vehicles, and trashcans?
  • Have I taken steps to secure data in rooms in the office or at home where unauthorized access could occur?
  • Who authorizes or controls delivery and removal of taxpayer information, including data stored electronically?
  • Are the doors to file rooms and computer rooms locked?
  • Is there a secure disposal of taxpayer information, such as shredders, burn boxes, or secure temporary file areas for information until it can be properly disposed?
  • In short, PII should only be visible to those who are authorized to interact with it. Since developing a written data security plan that accounts for both digital and physical security issues is an essential part of that goal, it’s a good idea to take this IRS advice to heart.

    For more data security resources, check out the Security Summit page on, which has aggregated a number of helpful data-security resources. As a partnership between state tax agencies, the IRS, and private members of the tax industry, the Security Summit has worked since its 2015 formation to educate the public about data security best practices.

    Source: Tax Tip 2020-02

    Browse By Topic

    Paste your AdWords Remarketing code here
    Browse GruntWorx

    GruntWorx, LLC.

    Font Resize