Safeguarding Data: Requirements and Resources

BY SIMON PETRAVICK AND STEPHEN G. KERR

Editor's note: This is a sidebar for " Protect Your Portable Data - Always and Everywhere ."

 

CPAs should understand their ethical, legal and regulatory responsibilities to safeguard data. The following listings direct you to primary sources:

 

LAWS, REGULATIONS

 

  Federal laws

  • Federal Trade Commission, Gramm-Leach-Bliley Act, Disclosure of Nonpublic Personal Information, tinyurl.com/8k3e6
  • Department of Commerce, National Institute of Standards and Technology, Federal Information Processing Standards (FIPS), csrc.nist.gov/publications/PubsFIPS.html
  • Department of Education, Family Educational Rights and Privacy Act (FERPA), tinyurl.com/3ydvw
  • Department of Health and Human Services, Office for Civil Rights, Health Insurance Portability and Accountability Act (HIPAA), www.hhs.gov/ocr/hipaa

 

  State and local laws

  • AICPA tally of states and territories that have enacted legislation governing data security breaches, tinyurl.com/bdy9wq. At this writing, 44 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands had done so.

 

RESOURCES

 

  Federal Trade Commission (FTC). The FTC’s information for businesses can help you enhance compliance with the law. Also, see regulatory guidance and law enforcement information from the FTC’s Bureau of Consumer Protection, as well as a catalog of cases brought by the agency and a list of all Commission actions (http://www.ftc.gov/bcp/resources.shtml). Other useful FTC publications include:

 

  Privacy Rights Clearinghouse. Practical information on privacy violations and other issues related to data security breaches, www.privacyrights.org

 

SPONSORED REPORT

Why cybercriminals are targeting CPAs

This free report expands on the most commonly found scams, why education and specialized IT knowledge help to lessen security vulnerabilities, and why every firm should plan carefully for how it would respond to a breach.

PODCAST

How tax reform — and Excel — are changing the CPA Exam

Mike Decker, the vice president of examinations at the AICPA, discusses changes being made to the exam as a result of tax reform — and about how Excel will now be available for use on the test.