Safeguarding Data: Requirements and Resources

BY SIMON PETRAVICK AND STEPHEN G. KERR

June 1, 2009

Please note: This item is from our archives and was published in 2009. It is provided for historical reference. The content may be out of date and links may no longer function.

September 2, 2025

Incorporating prompt engineering into the accounting curriculum

September 1, 2025

Create a dynamic to-do list with Excel’s checkboxes

September 1, 2025

Another way to manage authentication texts

Technology
- Information Security & Privacy
- Information & Data Management

Editor’s note: This is a sidebar for “Protect Your Portable Data – Always and Everywhere.”

CPAs should understand their ethical, legal and regulatory responsibilities to safeguard data. The following listings direct you to primary sources:

LAWS, REGULATIONS

Federal laws

Federal Trade Commission, Gramm-Leach-Bliley Act, Disclosure of Nonpublic Personal Information, tinyurl.com/8k3e6
Department of Commerce, National Institute of Standards and Technology, Federal Information Processing Standards (FIPS), csrc.nist.gov/publications/PubsFIPS.html
Department of Education, Family Educational Rights and Privacy Act (FERPA), tinyurl.com/3ydvw
Department of Health and Human Services, Office for Civil Rights, Health Insurance Portability and Accountability Act (HIPAA), www.hhs.gov/ocr/hipaa

State and local laws

AICPA tally of states and territories that have enacted legislation governing data security breaches, tinyurl.com/bdy9wq. At this writing, 44 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands had done so.

RESOURCES

Federal Trade Commission (FTC). The FTC’s information for businesses can help you enhance compliance with the law. Also, see regulatory guidance and law enforcement information from the FTC’s Bureau of Consumer Protection, as well as a catalog of cases brought by the agency and a list of all Commission actions (http://www.ftc.gov/bcp/resources.shtml). Other useful FTC publications include:

Protecting Personal Information: A Guide for Business, www.ftc.gov/infosecurity
How to Comply with the Privacy of Consumer Financial Information Rule of the Gramm-Leach-Bliley Act, tinyurl.com/dx4ogc
In Brief: The Financial Privacy Requirements of the Gramm-Leach-Bliley Act, tinyurl.com/cgvsqk

Privacy Rights Clearinghouse. Practical information on privacy violations and other issues related to data security breaches, www.privacyrights.org

FROM THIS MONTH'S ISSUE

Building a better CPA firm: Stepping up service offerings

A key step in business model modernization is determining how to implement services that satisfy clients and employees.

MAGAZINE

Safeguarding Data: Requirements and Resources

Incorporating prompt engineering into the accounting curriculum

Create a dynamic to-do list with Excel’s checkboxes

Another way to manage authentication texts

Features

Calming nervous clients nearing retirement

7 retirement tips for small firm CPAs

Building a better CPA firm: Stepping up service offerings

2025 tax software survey

FROM THIS MONTH'S ISSUE

Building a better CPA firm: Stepping up service offerings

From The Tax Adviser

2025 tax software survey

Are you doing all you can to keep the cash method for your clients?

Current developments in S corporations

Paid student-athletes: Tax implications for universities and donors

MAGAZINE

HOME

ABOUT

SUBSCRIBE

AICPA & CIMA SITES