Do tax pros have to run external network scans?

Technical topics regarding tax preparation.
Post a reply
Post 29-Sep-2022 9:52pm
Top
#1
Lalva  
Posts:
294
Joined:
29-Apr-2014 6:36pm
Location:
California
Hello!

I am reading Pub 1345 and I am confused. On page 8 it says:
"External Vulnerability Scan. Online Providers of individual income tax returns must contract with an independent third-party vendor to run weekly external network vulnerability scans of all their “system components” in accordance with the applicable requirements of the Payment Card Industry Data Security Standards (PCIDSS)."

I want to make sure I am reading this correctly. Does the tax pro have to do this weekly vulnerability scan using an approved vendor? Or maybe is the client portal provider the one who has to do the scan?

If it's the tax pro who has to do this weekly scan, what company are you using?

Thank you for your help.
 
Stop overpaying for your tax firm website.
Please visit: www.TheSiteFactory.com
Post 30-Sep-2022 10:36am
Top
#2
CO CPA  
Posts:
734
Joined:
17-Oct-2018 10:46am
Location:
Colorado (CO)
Lalva wrote:Hello!

I am reading Pub 1345 and I am confused. On page 8 it says:
"External Vulnerability Scan. Online Providers of individual income tax returns must contract with an independent third-party vendor to run weekly external network vulnerability scans of all their “system components” in accordance with the applicable requirements of the Payment Card Industry Data Security Standards (PCIDSS)."

I want to make sure I am reading this correctly. Does the tax pro have to do this weekly vulnerability scan using an approved vendor? Or maybe is the client portal provider the one who has to do the scan?

If it's the tax pro who has to do this weekly scan, what company are you using?

Thank you for your help.


Online providers wording is key here. Are you an online provider? Does your client enter their sensitive information into a web hosted form?
 
Post 30-Sep-2022 11:02am
Top
#3
Lalva  
Posts:
294
Joined:
29-Apr-2014 6:36pm
Location:
California
That's the confusion. I have a secure client portal, hosted by TaxDome. I also provide a PDF that some clients fill out and send it to me through the portal.
 
Post 3-Oct-2022 9:12am
Top
#4
Derby  
Posts:
104
Joined:
10-Oct-2017 7:52am
Location:
Flint, MI
Pub 1345 refers to e-file definitions to define "Online Provider". Per Pub 3112 (IRS E-File Application and Participation), an Online Provider is a service like TurboTax:

Online Provider – allows taxpayers to self-prepare returns by entering return data directly on commercially
available software, software downloaded from an Internet site and prepared off-line, or through an online Internet
site. Online Provider is a secondary role; therefore, the business must also choose another Provider Option such
as Software Developer, Transmitter or Intermediate Service Provider. Even though an ERO may use an Internet
website to obtain information from taxpayers to originate the electronic submission of returns, the ERO is not an
Online Provider
 
Post a reply

Return to Taxation



Who is online

Users browsing this forum: No registered users and 75 guests

Switch to mobile style
Powered by phpBB® Forum Software © phpBB Group