Any IRS provider can develop a Data Security Plan using a quality Template.
Category Archives: Regulatory Compliance
In May 2024 the U.S. Securities and Exchange Commission (SEC) adopted amendments to its Regulation S-P, adding to the cyber security requirements for registered investment advisers (including registered investment companies and investment funds. The final SEC cyber risk management rules require advisers and funds to adopt and implement a program with written cybersecurity policies and […]
The Internal Revenue Service (IRS) recently added a requirement for all tax preparers to develop a “Data Security Plan” to protect customer data. The IRS responded to growing threats against small businesses that handle sensitive customer information. Tax professionals can be ideal targets since electronic tax data contains lots of personal information that would be […]
In April 2021 the United States Department of Labor (DOL) issued its first guidance to help retirement plan sponsors and administrators implement a sound cyber security program. The Department of Labor estimates that over $9 trillion in assets are held in various retirement plans, making them prime targets for hackers. The Employee Benefits Security Administration (EBSA) […]
The IRS now requires that every tax preparer that files electronic returns must have a Cyber Security Plan in place. For months our customers have asked us to provide a quality solution that (1) Addresses key IRS Cyber Security requirements and (2) is affordable for a small office. Today we announced the release of our […]
First Enforcement Action Signals a Need for Cyber Review In March 2017, the New York State Department of Financial Services passed their cyber law - Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (NYS-DFS 500). The law imposed formal cyber security requirements for covered insurance entities and their vendors. This law was groundbreaking at [...]
Attorneys Create New Control Framework The Association of Corporate Counsel (ACC), which represents over 42,000 in-house counsel across 85 countries, recently released a new control model to help organizations interact with outside parties when dealing with sensitive information. This is among the many new business domains areas where vendor risk management has become a key issue. […]
Many financial services firms are currently building programs to comply with the information security requirements of the Securities and Exchange Commission (SEC). In this article we discuss some key information security policy and compliance lessons that organizations can learn and adopt for their own programs. In 2016 the SEC has increased its focus on cyber […]
Regardless of an organization’s size, industry, geographical location, or the extent to which it uses computers; information security is an important matter that should be addressed by explicit policies. Some experts say that the lack of a well-defined corporate information security policy is the single biggest problem with most security efforts. Major data protection laws […]
Legal precedents are beginning to dictate a new standard for the notification of policy changes to your customers and employees. In the “old days” organizations would post changes to information security policies on the corporate intranet, and perhaps even notify employees that these changes occurred via email or some other means. However, in legal actions […]