-
Posts
1,789 -
Joined
-
Last visited
-
Days Won
83
Everything posted by Medlin Software, Dennis
-
Definitely true to have some sort of app level protection if there is an online aspect. If all data is local, then requiring extra auth (beyond license check to see if you are paid) is overkill - assuming you self-protect for compliance. Meaning if the data is in your control, but the vendor required some secondary process to access their "software", then that secondary process adds nothing and does not ensure compliance. The data sitting on your computer is not protected unless it is scrambled and secured by the app, or you have done whole computer protection.
-
For compliance, you do not need to protect each set of data individually. The things I suggest on my web site are compliant and can be self-managed. They are also good enough for all to use, going beyond the requirements (because of not using sleep mode). A username and password for an app is NOT compliant as it is only one part. If you use the methods I suggest, you will be compliant, and not need to have a password per app (unless you want to). be aware, if your app stored non encrypted data online, you may want/need to take additional steps.
-
I would spend the time to make internal note outlining the situation, what you did on termination, and what possible complications (and if known, solutions) for the future. All while fresh, in case something comes back a couple years later.
-
Yuck. This is an issue with opinion-based services (with little chance of bad or dark gray opinions getting caught). Same with a tax preparer helping get withholding to the liability amount, say to make their net meet expenses every month, and then getting fired for not getting a "fat" refund. I have been fired so many times I have lost count! I still, to this day, get into it with CPA types who do incorrectly tell my customers something. The most common examples are owner/shareholder who are also employees. CPA or other "expert" says to pay themselves wages once a quarter/year (the expert later cleans up all the "draws"), or report >2% S Corp health insurance once a year. The former do get caught "tax shifting" from time to time, the latter never get caught because it is a tax wash, but still improper. I remember doing the math for ERC to present it, and some would look at me sideways when I pointed out the ERC $ was not what the net would be. Funny, I am still ticked at the after the fact claw back of the last ERC quarter to help fund the recovery act money. Catch-22, some of the money went to rehab two race tracks I like to watch, those tracks are not going to give me a discount to cover the ERC I lost to help pay for their "gift". I thought I would personally get at least some via recovery act credits for solar and electrical upgrades, but CA has made solar a non-starter for me, given my age, roof size, and ability to shift loads to off peak.
-
Business owner fails to pay $2.4 million in payroll taxes
Medlin Software, Dennis replied to Lee B's topic in General Chat
I always wonder about these. How did it take so long to stop? I can see 12-18 months until an employee files their own return, and failing to match up with an employer depositing, but four tax years? And hopefully for the person or persons who had and access to the bank account(s), they did not get caught up in the fraud, or maybe they took a deal themselves. We used to have 941M for those caught not doing things properly, now we don't. We used to have to report W4 forms which did not seem right, now we don't. Remember, WH deposits are not on a time basis, WH on Dec 31 paycheck is like having a baby or getting a spouse on Dec 31, it is "good" for the entire year, so some avail of this strategy. -
Here is what I came up with. https://medlin.com/misc/security/ Notice the FTC rules have three points, any 2 can be used to meet their requirements. None of the three require any sort of third-party authentication, all can be self-managed. There is no requirement to individually protect a set of data, protecting all of your data at once, such as BitLocker, suffices. What I suggest (using all three FTC 'points') also meets common sense, as it means you can let someone access your device, knowing they are not getting in with any reasonable means (and still no known BitLocker hacks have been made public). The KEY is to power off or hibernate your computer, NEVER use sleep mode. It had been a few years since we stayed in a hotel, so when we recently did, I researched and found out hotel in room safes are not (safe), so I went with locking the device to a large piece of furniture and powering it off. With my device now hibernating when my phone is not within short range, even a straight up snatch/grab does not worry me. I a sl use a very short time out, short enough a thief will not likely try it before it hibernates. If you have your data online/cloud, then you may need to do more, such as some sort of trusted security method from the storage provider. This assumes your locale and other subject rules even allow you to not have data in your personal control within the jurisdiction you have nexus in. (At least one local jurisdiction required payroll and accounting data - IIRC - to be kept under the responsible party's control, within their jurisdiction. This is a local attempt by local politicians to prove to their constituents they are doing something about data theft.)
-
I doubt the pay-to-play services take on or get the ability to file the forms directly. At "best", and I use that term loosely, they provide a form or figures for the employer to use.
-
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
I had to mail something to dmv today. No electronic option. Took me 15 minutes to find the stamps. Had not used them in at least a year. -
The end has arrived (JK!)
Medlin Software, Dennis replied to Medlin Software, Dennis's topic in General Chat
A customer who tells me I am "not helpful at all" is usually correct. Why? The Paul Harvey "Rest of the Story". The customer has given me bupkis to work with! This afternoon it is a customer who says they do the same thing every month, but this time it did not work as expected. They did not share any details at all, so I had to fall back on asking for details, and being candid about the software not having changed since last month (actually, the aspect in question has not changed in at least a decade) so the issue is 99.999999% likely to be a case of not doing exactly what they have done before. I even pointed out what I think the cause was. But no, instead of any sort of useful reply, I get the "not helpful at all". RTFM and GIGO "live on". We will never, whether you call it automation or AI, ever remove human action from causing error, and the same human causing the error wanting desperately to shift responsibility. Now, back to planning a cruise for our 40th anniversary! -
NYS LLC created with my name and address on it
Medlin Software, Dennis replied to schirallicpa's topic in General Chat
Not shocked at all. I got dunned by NYS because I submitted test (garbage, such as First M Lastname) to a special office for form printing approval, and somehow, they created a NYS employer account for me, using the garbage data, and used the address on the envelope (the forms had a made-up address). -
After decades of ignoring the fraud and extortion of online review "services", I have tired of the ramifications of not fighting back. Thus, I will be offering links to customers to "review" sites and asking them to post their reviews. Rather than paying for fake reviews or wasting time trying to get fraudulent and extortion reviews removed, I am hoping real reviews will outnumber the fakes taking the power away from the fraudsters. The tipping point was a longtime customer telling me they were leaving because of a review they noticed (which was an extortion attempt - the "I posted a bad review, pay me and I will remove it" type).
-
GV was my solution for many years. I now use two cell carriers, one phone, with the phone selecting the better connection no matter which number I use. It is more for connectivity and backup these days since we no longer use the business line for customer support. While I rarely use it, my phone is connected to my computer for security (walk away locking), and I can make and receive calls on the computer. I do allow wifi calling and sms.
-
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
Try that for USPS express. USPS knows how to get it to a zip+4 "location". The problem will be there is no way to get a signature, if that is what you are after too. Priority is fine for a reasonable way to get status, but priority is barely better than stick a stamp and drop in a receptacle for actual delivery. I might even go to a USPS office and have them print the label, so you can be even more sure the address is in their system. The IRS has funky addresses too, where the address they publish is not in the USPS database (how I print postage and labels directly). The only other thing I can think of is to see if a phone call or fax to FTB will get some sort of more direct mailing address you can try. Many state employees can get mail to their building if one knows the address, floor, room, or whatever gets it out of the receiving room. Patience is tough. If the proper amount has been paid, then I would mail it several ways, and await (without worry) their next response) if any ever comes). Recently, the IRS posted a 941 to a prior (and properly reported) quarter. This resulted in a bill for underpayment for the now coupled up quarter, and a refund for the quarter the form was actually for. I called, got someone who could actually see what happened, and did "something" on their end, and asked me to send amended returns. I eventually paid a tiny amount of something (interest/penalty/stop bothering me fee) and can confirm the amounts were properly applied. I could have contested the fee, but it was not worth the time. I have copies of the original, so I am certain I did not make the human mistake, but things happen since they still accept paper files and use likely antique scan and human review to process. Maybe there was fuzz on the paper of scanner and the tick for the Q was read wrong. --- Same type of stuff every year with WC insurance. I pay a flat fee (as I do not reach their min fee), then pay again for true up for the "other" costs, then I get a refund back as it is sort of a mutual fund type deal (those in CA know what company I mean). Annoying to the perfectionists and helped me get to a "some goes out, some comes back" way of balancing WC figures. -
Need Help with Mailing - I am about to go postal!
Medlin Software, Dennis replied to BulldogTom's topic in General Chat
-
Insurance Rider for Instacart driver
Medlin Software, Dennis replied to Patrick Michael's topic in General Chat
I looked at IC during the pandemic. Not for me, but I was going to drive our daughter around a few hours a day for grins. There was absolutely no way to make money when looking at the real costs. Break even, maybe, maybe have a little something left for repair fund, but no real profit (business use insurance was an issue). To me, they are the same as all the driving services, preying on those who do not get accounting, with the exception being the commercial (black car and up) drivers who rent a car, are properly licensed and insured, and who work hard for the higher rate. Per mile is a loser. -
Insurance Rider for Instacart driver
Medlin Software, Dennis replied to Patrick Michael's topic in General Chat
"Is it required? Does it cover anything that normal car insurance would not?" WAG. Required is questionable, IC likely does not care, and likely has some sort of self-protection. For the driver, it likely covers business use of the vehicle, which may be specifically excluded on their "regular" policy depending on the insurer. -
Two SSN, one tax year
Medlin Software, Dennis replied to Medlin Software, Dennis's topic in General Chat
"In the back of my mind, I wondered whether the first number was legitimate?" I have seen that as well - farm labor. Still easy to buy a good enough looking SS card to get someone through a season or two. What has me thinking is a mid-year change, where say Q1 and Q2 wages were properly reported (state) under one SSN, then Q3 and Q4, to another SSN. Employers will be reluctant to file "corrected" reports to move wages to the new SSN and will then have to deal with one physical employee with two SSNs for annual federal filing. In the specific discussion, the employee presented docs showing the first SSN was valid through 2022, and a new one valid starting with 2023 (presented in 2024). -
I was discussing the issue of getting a non-original SSN, and the ramifications. In our home, two received a second SSN, but before their work years. (A lifelong PITA, having their original SSN "pop up" from time to time.) From the employer aspect, my suggestion was not to question the new SSN, as long as the docs look reasonably good, but to just take it, and use it going forward. I would likely issue two W2 forms, one for each SSN, unless I found some regulations to the contrary. (Essentially treat the new SSN as a new "hire".) Any here had to deal with this, two SSN used in the same tax year?
-
It will be interesting to see what happens. Some things take more attention than before, some less, but it remains complicated and requires diligence to not miss a thing/optimize. Some get something, some lose, the nature of the beast. Personally, I do not miss tracking things to itemize, but dealing with things like QBI and PTET, and what may or may not follow, can be a forecasting issue.
-
The one I tried did not ask for anything I would be concerned with. The results included an address from 35 years ago, which is likely only from credit bureau type breach. But, most importantly, no need to really check. Just be honest with yourself and realize your name, addresses, phone, relatives, and SSN cannot be considered private.
-
any NY payroll workers comp experts here?
Medlin Software, Dennis replied to schirallicpa's topic in General Chat
I at least some states, but likely in advance and via a proper form/notice, a shareholder/owner can remove themselves from WC coverage. It may even be automatic when the person is the only shareholder. -
Mine is in there too. The baddies had at least 4 months head start and there is no mass news of issues. Normal protections and monitoring should be fine, as well as realizing your ssn has not been reliably for many many years.
-
The current forms are better than I can remember, as there are options to effectively set a flat dollar amount (which can be a % calculation). It is just silly and to tell them something they cannot legally enter, a flat %. While someone's "effective" tax liability can be calculated as a % for a particular year, there is no such withholding method available, so please stop telling someone their WH needs to be a flat %. A real pet peeve of mine, sicne such statements mean I, after the employer gets to deal with the employee's demand, has to tell the employer and employee the law does not permit such a selection.
-
Because the tax tables are not a flat %. I get this question almost daily. Ironically it comes from employees whose tax preparer tells them their liability is a flat %.