SimpleEntry’s security program is aligned with both U.S. federal and international requirements:
- IRS Requirements:
  - Publication 4557 (Safeguarding Taxpayer Data)
  - Publication 5417 (Safeguards Program Handbook)
  - Section 7216 (Confidentiality of Taxpayer Information)
  - All staff maintain IRS PTIN registrations and annual IRS-recognized training (AFSP).
- FTC Requirements:
  - Written Information Security Program (WISP) aligned with the FTC Safeguards Rule.
  - Administrative, technical, and physical safeguards designed to protect financial information.
- International Standards:
  - Policies modeled on ISO 27001, CMMC, and the NIST Cybersecurity Framework.
  - Continuous monitoring via Tenable (IRS-grade), Microsoft Intune, and Drata.
- Operational Controls:
  - Multi-factor authentication for all system access.
  - End-to-end encryption (data at rest and in transit).
  - Role-based access and offboarding controls.
  - Annual security awareness training for all employees.
  - Documented incident response plan, tested annually.
By combining IRS-specific safeguards, FTC requirements, and international frameworks, SimpleEntry provides clients with compliance assurance equivalent to — and often exceeding — what federal regulators require.