An updated Federal Trade Commission rule takes effect on June 9, 2023, and it affects many members, including tax practitioners.

A Written Information Security Plan (WISP) is required by the Federal Trade Commission’s (FTC) Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) whereby financial institutions, including tax preparers, must develop, implement and maintain a comprehensive security plan to protect customer and client information.

The following free resources below may offer assistance about how to comply.

• Tax landing page “Professional responsibilities in data security” – this page contains various resources and information and is open to all AICPA members https://www.aicpa-cima.com/resources/article/professional-responsibilities-in-data-security-for-tax-professionals

•  Journal of Accountancy article February 1, 2023 – “How the FTC Safeguards Rule may affect your CPA firm”

• Tax Adviser article May 1, 2023 “Complying with the Safeguards Rule for information security” 

• IRS Publication 5709 (11-2022) "How to Create a Written Information Security Plan for Data Safety"

•  IRS Publication 5708 “Creating a Written Information Security Plan for your Tax & Accounting Practice”with sample template