Share with your friends

data privacy tax season

How to audit your data privacy during tax season

While you dig up your sensitive personal information to complete your tax return, it’s a good time to also review your data privacy. Here are few things you can do to protect your personal information:

Legal Advice You Can Trust

Get quick support from real lawyers.

Check your mailing address on your accounts

Check your mailing address on each of your financial, medical and other accounts to make sure your personal information isn’t being sent to someone else. Even though the post office usually automatically returns mail addressed to people who’ve moved, this doesn’t always happen. Don’t only rely on forwarding either, since it lasts for just a year after you move.

Review the policies for financial aggregator services

Even though financial aggregator services (services that combine all financial information into one place) are convenient and can often give you a huge jump on completing your tax return, they come with risks. In the event that they’re hacked and your information is stolen, will they cover your losses?

Additionally, what does your bank say about using these services? Often, giving your password to a third party negates some or all of the fraud protection on your account.

Verify your network security settings

Your Wi-Fi should be password-protected even if you have no nearby neighbors. Criminals often drive around looking for open networks.

Set your laptop or mobile devices to never automatically connect to new Wi-Fi networks. Even if you avoid doing things like going on your bank website, your email can automatically check for new messages while you’re connected to an unsecured network, and it could give away your email password and allow access to your other accounts. Try to use your own data connection, and if you can’t, use a VPN.

Request your annual credit report

Request your free annual credit report to double-check for possible identity theft. Things you’re looking for include accounts you don’t recognize and credit pulls marked as initiated by the consumer.

Note that credit pulls marked as promotional or marketing are usually not signs of identity theft because many financial services companies buy credit reports for everyone meeting certain criteria and don’t need your permission to do so. The only exception is if you’ve frozen your credit.

Additional steps for business owners

If you’re a business owner, you’ll also want to make sure your business data is safe.

  • Review laws and professional ethics rules related to client data. A website or service advertised as safe may not be safe enough. For example, medical professionals need to comply with HIPAA and other laws that require additional security measures.
  • Set safeguards for transmitting sensitive data. An increasingly common scheme is phishing attacks sent to the payroll department asking for all employee W-2s. The email looks like it comes from HR or the CEO, but in reality, the reply goes to cybercriminals. Have a verification process in place to make sure these types of requests are legitimate and going to the right place, for example, require an in-person conversation before replying to the email.
  • Audit your third-party providers. What security methods are they using to protect your data? Are there any public complaints against them? What guarantees do they make in the event of a data breach?
  • Examine your access controls. Whether you’re using old-fashioned filing cabinets with a physical key or online storage, your data should be protected using file permissions. This includes setting appropriate permissions such as view-only or able to edit. Check that each employee’s access is appropriate for their current role and is not broader than necessary.

To learn more about your legal liability for a potential data breach, how to protect yourself from liability or how to respond to a data breach, talk to an attorney with experience in the data privacy area.

Comments are closed.