We would recently approached by a policyholder about affirmative consent requirements imposed by IRS regulations under Internal Revenue Code section 7216.
Under the code, a tax return preparer is subject to criminal penalties under section 7216 if the preparer “knowingly or recklessly” discloses or uses tax return information. A fine of up to $1,000 or one year imprisonment, or both, could result for each violation. Additionally, Internal Revenue Code section 6713 provides for a civil penalty of $250 for each prohibited disclosure or use of tax return information by a tax preparer.
The member’s question pertained specifically to the storage of client contact information on a mobile telephone, mobile devices, or in software or applications. Do you need a client’s consent to store this information? The short answer is “Yes”.
Although there is doubt that 7216 penalties would extend to client’s consent for adding client information into a contact manager, though is no clear and authoritative guidance on this from the IRS. The most conservative approach is to add language to engagement letters or tax organizers which states that the accountant will store engagement data in various digital forms and locations. The accountant should also keep data security protections current.
Ralph Picardi, Esq., the risk management consultant to the CPAGold™ program has developed specific language for a data security provision in an engagement letter. A copy of the clause may be found here.
We hope you will find this useful.
Ralph may be contacted at (866) 668 7475.
Jorgensen & Company are not attorneys and do not offer any form of legal advice. Consult with appropriately qualified local counsel for more assistance. Rickard Jorgensen is President and Chief Underwriting Officer for the CPAGold™ program and may be contacted at (201) 345 2440 or firstname.lastname@example.org.