Tuesday, December 01, 2009

CPA’s, Identity Theft, and the Law

By: Sue B Martines J.D.

The attorneys may have gotten off the hook for the Red Flags Rule requirements, but so far, not the CPA’s, among other “professionals” (such as physicians). Picture this – two so-called “professionals,” one an attorney and one a CPA, discuss identity theft and the Red Flags Rule implemented by the FTC to help businesses develop “Red Flag” indicators for fraud – the conversation might go something like this:

Attorney, “being a busy professional, I sure am grateful to not have another burdensome requirement made of me by the government!”

CPA, “being a busy professional, I sure am grateful for the opportunity to have guidance on how to better guard against the time-consuming, professionally-damaging and high client impact of an identity theft or data breach!”

Two different professionals, two different treatments so far, by the law!

In a previous posting, we discussed the recent court decision finding attorneys exempt from the “burdensome” requirements of the Red Flags Rule; here we make the somewhat absurd double-standard comparison, you might say, to one of their counterparts -- CPA’s.

We all know there’s no immunity from identity theft risk. The American Institute of CPA’s itself fell prey to the #1 risk factor – human error – when in 2006 a damaged hard drive containing personal information was sent out for repair and was lost in transport. (http://www.pro2net.com/x52999.xml)

However, in an IRS online publication regarding CPA’s and identity theft, you will find zero things unique to the CPA that wouldn’t equally apply to an attorney! (http://www.irs.gov/pub/irs-utl/identity_theft_what_cpas_need_to_know.pdf)

Certainly the fight may not be over for CPA’s, or other “busy professionals” whose attorneys will challenge the Red Flags Rule “requirements” to have an identity theft prevention and mitigation plan in place by June 1, 2010.

Yet, if only all CPA’s could look at identity theft and data protection measures like the one in the discussion above – it could mean less lawsuits for the “burdened” attorneys, and better protection of client data!

Maybe the requirements of the law aren’t that bad of an idea after all!

Sue B Martines is a recovering attorney of 12 years now living in Oregon. Sue can be reached at, suebmartines@gmail.com

Labels: , , , , , ,


At 4:51 AM, Anonymous Steve Cabouli said...

One thing is sure that many times people are opening the doors to identity theft because of their sheer negligence. With the help of technology this human negligence can be corrected to a some extend.


Post a Comment

Links to this post:

Create a Link

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft