As your accounting firm, we are pleased to have earned your trust and confidence. We understand the value you place on the security and privacy of your information. We take extensive measures to make sure that your information is protected from loss and theft.
PROTECTION OF YOUR INFORMATION
Protecting your information is our top priority. Our firm maintains a physically secure office and computer network. The firm runs a paperless practice, however at times paper files are required. In those instances, paper files are scanned into our secure network and returned to the client. If paper copies of information are required to be retained, all documents are kept in a secure, locked location.
To combat external risk and security of our network and all data, we have implemented a VERY strict and comprehensive set of protocols for all computer and network use. These protocols include:
Secure user authentication protocols
Secure access control measures
Encryption on public and private networks
Encrypted and monitored devices
Regularly scheduled deployment of security updates and antivirus patches
Staff education
DISCLOSURE AND TRANSMISSION OF YOUR INFORMATION
As a service to our clients, we offer clients access to a secure portal, Intuit Link. This portal is built and maintained by Intuit Inc for the secure storage and sharing of sensitive information between accounting professionals and their clients.
Information is not to be given to a third party or unauthorized individual (bank, employer, financial advisor, etc.) without a written consent form completed by the client.
When there is a need to bring records containing sensitive information off-site, only the minimum amount of information necessary will be taken; electronic records will be password – protected and encrypted, paper records will be kept behind lock and key. Records brought off-site are returned to our office immediately following completion of offsite work.
It is the policy of our firm to wipe all computers clean and delete all client and sensitive related data promptly upon return of a computer by the staff member using it.
Staff is prohibited from copying or transporting files on a personal device, such as a laptop, USB or smart phone.
To minimize transporting sensitive information, staff has access to work computers from home using an encrypted VPN network.
Under no circumstances are documents, electronic devices (including laptops), or digital media left unattended in an employee’s car, home, or in any other potentially insecure location.
COLLECTION OF YOUR INFORMATION
Our firm is committed to limiting the amount of personal information collected to that which is reasonably necessary to accomplish the legitimate purpose for which it is collected; limiting the time such information is retained to that reasonably necessary to accomplish such purpose; and limiting access to those persons who are reasonably required to know such information in order to accomplish such purpose.
INTERNAL TRAINING
All employees are responsible for maintaining the privacy and integrity of sensitive information in accordance with the firm’s Confidentiality Policy. Any paper record containing sensitive information about any client or third party must be kept behind lock and key when not in use.
When disposing of paper records containing sensitive information, a cross-cut shredder or outside shredding service will be used. Similar appropriate electronic methods will be used for disposing of electronic media.