Continuously Implement Robust Written Information Security Programs (WISPs) to Protect Sensitive Tax Data, Ensure Compliance, and Safeguard Financial Integrity
Continuously Strengthen Written Information Security Programs (WISPs) to Protect Sensitive Tax Data, Ensure Compliance, and Safeguard Financial Integrity
For tax preparers of all sizes—whether you’re a sole proprietor working from home or managing a team across multiple offices—the IRS Written Information Security Programs function as a “Living Document,” continually adapting to reflect the latest insights and best practices. This forward-thinking approach keeps your content evergreen and never outdated, as it is regularly updated to fulfill new regulatory requirements, ensuring readers have the most accurate and relevant details. By providing a perpetually up-to-date resource, these WISPs inspire trust and confidence in their precision, compliance, and ability to safeguard sensitive data.
Using terms like “continually updated,” “evergreen,” “latest insights,” and “best practices” emphasizes the dynamic nature of these plans while helping tax preparers better protect their clients’ information through regular enhancements. Consequently, these actively maintained WISPs support higher search visibility and ongoing compliance in a constantly shifting regulatory landscape. Ultimately, adopting a Living Document strategy ensures that IRS Written Information Security Programs remain aligned with evolving standards and help mitigate potential security threats.
Keep Your IRS Written Information Security Programs (WISPs) Continuously Updated with All Rules and Regulations
Key Continuous Update Requirements for Authorized IRS e-file Providers
- Extended Validation SSL Certificate
Use a valid EV SSL certificate (TLS 1.2+ / 2048-bit RSA/128-bit AES encryption) to secure online transactions. - Weekly External Vulnerability Scans
Hire a PCI SSC-certified vendor for weekly scans; address vulnerabilities immediately and retain reports for at least one year. - Information Privacy & Safeguard
Policies
Maintain a written policy including: “We maintain physical, electronic, and procedural safeguards that comply with applicable law and federal standards,” validated by an IRS-approved privacy seal vendor. - Protection Against Fraudulent Bulk
Filings
Implement technologies to prevent bulk filing of fraudulent returns; only handle taxpayer data through secure, compliant systems. - Public Domain Name Registration
Register domain names through a U.S.-based, ICANN-accredited registrar; lock domains and avoid private registrations. - Reporting of Security Incidents
Immediately notify the IRS of breaches or unauthorized data access—no later than the next business day—and suspend data collection on affected sites until issues are resolved.
Continuously Updating Your WISP with Authoritative Sources
We leverage the latest IRS and FTC guidelines—such as Publications 1345, 4557, 5078, 5293, 5417, 5709, and 5708, as well as the FTC Data Breach Response Guide, FTC on Privacy, and FTC GLBA (Gramm-Leach-Bliley Act)—to keep your WISP current. Since you used our WISP services last year, we encourage you to continue with us to maintain an evergreen, continuously evolving, and always current plan. Contact US today to stay in full compliance and confidently protect taxpayer data.
Contact Us for Written Information Security Programs payment processing
