Here is what I came up with.
https://medlin.com/misc/security/
Notice the FTC rules have three points; any 2 can be used to meet their requirements. None of the three requires any sort of third-party authentication; all can be self-managed. There is no requirement to individually protect a set of data; protecting all of your data at once, such as with BitLocker, suffices. What I suggest (using all three FTC 'points') also meets common sense, as it means you can let someone access your device, knowing they are not getting in with any reasonable means (and still no known BitLocker hacks have been made public). The KEY is to power off or hibernate your computer, NEVER use sleep mode.
It had been a few years since we stayed in a hotel, so when we recently did, I researched and found out hotel in-room safes are not (safe), so I went with locking the device to a large piece of furniture and powering it off. With my device now hibernating when my phone is not within short range, even a straight-up snatch/grab does not worry me. I also use a very short timeout, short enough that a thief will not likely try it before it hibernates.
If you have your data online/cloud, then you may need to do more, such as some sort of trusted security method from the storage provider. This assumes your locale and other subject rules even allow you to not have data in your personal control within the jurisdiction you have nexus in. (At least one local jurisdiction required payroll and accounting data - IIRC - to be kept under the responsible party's control, within their jurisdiction. This is a local attempt by local politicians to prove to their constituents they are doing something about data theft.)