Protect your practice!
The Tax Practitioners Board has received information that hackers may be targeting tax practitioners and their practices in an attempt to harvest personal information, commit identity fraud, or to launch ransomware and other malicious attacks.
It is important to ensure that you have sufficient IT controls in place to protect the security and confidentiality of your client records and therefore assist you in meeting your obligations under the Code of Professional Conduct (Code).
As a minimum, the Board considers the following to be best practice:
- install and maintain anti-virus software on your workplace computers
- deploy firewalls on your workplace computers and/or workplace networks
- ensure that your computer operating systems and programs always have the latest security patches
- protect client records or files using encryption where possible
- regularly change your passwords
- consider using a second form of authentication (for example, SMS) to protect your online accounts (for example, email) where possible.
You may wish to seek expert advice from an IT security provider to determine what software suits your commercial needs while meeting your Code obligation to protect client confidentiality.
Last modified: 13 December 2016