Jump to content
ATX Community

Email Taxpayer Info

red2

By red2
in General Chat

 Share

Recommended Posts

Catherine

Catherine

Posted
Posted

There is a difference between encrypting EMAIL and encrypting FILES SENT by email.  If you want email itself encrypted there are the suggestions above, and Symantec has a product "PGP Encryption" that will encrypt the email itself.  There are other programs that require keys - one public, that you can send to anyone so they can decrypt your email, and a private one that is the other half of the protocol, that you use before you send email out.

  • Like 2
Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

Likely, unless the return is a PDF, you would have to come up with something to allow printing in a close format.  (Note, even PDF is not perfect, it cannot be guaranteed to match what the author intended, since PDF software now allows the end used to adjust the file, such as  line width, fonts, etc., and that does not even consider the fact that printer software is imperfect - such as really margin accuracy.)  PDF is the one format you can count on to be close, assuming the end user does not muck up the settings.

Personally, I would not trust any built into PDF creation software password and/or encryption.  PDF security is said to have been compromised, at least once recently IIRC.  Since it is a common format, it is reasonable to believe there are hackers constantly looking to break the security.  With that said, PDF security, with a kept up to date creation system, is likely good enough to say you took reasonable steps to be secure, if you are comfortable with that, and with your business insurance :).

For sending something securely via email, PGP type systems as Catherine mentioned, are likely reliable, provided the system in use handles the questions from the end user (unless you want to take on that support).

On the other hand, when I get "secure" messages from our charge card processor, it comes in the form of a message, with a link, for which I have to sign in to see the message.  There is no support needed, as it is very clear what I have to do.  It is a bit of a PITA, since the message eventually is shown to me as a tif file (an image), but I am completely comfortable their system is as secure as can be (since it contains data one would not want in the wild).  While I do not use ATX, what G'maBee said about a client portal is very likely some sort of secure method to contact your clients, and possibly share data.  Hopefully it is some sort of system like what our charge card processor uses, not just a way to send "secure" PDF files.

 

  • Like 1
Link to comment
Share on other sites
Abby Normal

Abby Normal

Posted
Posted
On 10/21/2019 at 12:54 PM, Lynn EA USTCP in Louisiana said:

virtrue encrypts email - I used this for a short time but end users had difficulties with it.  It could have been an end-user issue and not software issue

sendinc encrypts email - never used it

protonmail encrypts email - my son set himself up with this but I haven't for the office

 

We used Virtru for awhile but had problems as well. Now with SendInc and having no issues, except the emails expiring in 7 days and clients procrastinating.

Sendinc is not an email program, it is a portal the client logs into with a password of their choosing and downloads the file.

Firefox Send works the same way, but you can skip the password if you choose.

Both are free.

  • Like 3
Link to comment
Share on other sites
Yardley CPA

Yardley CPA

Posted
Posted
15 hours ago, Margaret CPA in OH said:

Yardly, how much did the portal cost?  Did you add something like a technology charge to cover it?  I have only about 50-60 clients so the per client cost is a consideration for me.

Hi, Margaret...I'll have to go back in my file and find the exact charge,  I recall it being in the $325 range.  Online, the price is $450 but I was able to purchase it for less.   I did not include a technology charge as at the beginning of last year I increased my rates, for many clients, about 20% to 25%.  In some instances a bit more than that.  

The portal is a nice feature and does offer advantages over sending everything via email.  As I mentioned, my clients seem to have transitioned to it well.  There are some that still prefer to conduct business via email and I hope over time they will see the benefit of the portal.  

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

It should be very "clean" for the recipient.  The other item to check, and it may take work, is if the message is actually received.  Email is getting less and less reliable (see below).  Hopefully the security portal has a tracking and reporting method, so you can see who received their messages, and who opened them.

---

I happen to have a relatively large number of Moose Lodge clients (likely using my payroll software to pay their bartenders!).  Most use use an email account controlled by their national HQ.  The national folks have decided to use a cloud based email "anti spam" product, which has very aggressive settings.  The problem is not that our emails were flagged (since this can easily happen to anything resembling a receipt), but that they block messages with a not so easy way for the end user to even know what was being blocked.  The end users are lodge members, who may or may not have any technical expertise, and likely assume the national handles the email system for them.  For me, this meant every lodge was calling or writing asking why I did not send their receipt!  (It is never that they have not received the receipt, it is always assumed it was not sent - since many consider sending to never fail.)

After loudly complaining to the folks who are being paid to filter the messages, they white listed my domain.  While this is good for me, it is not so good for Moose (and any other customers of the spam filter company) if they really want to be "secure", since all it took was an online chat to get on their white list.  (Virus companies do the same thing, proving how useless paid protection is, since any system with a whitelist makes the protection worse than useless, since those on the whitelist could go rouge, get hacked, etc.)

The other ALARMING item I was remind of, and why secure/encrypted email is important when needed, is the filter provider has full access to all inbound messages.  If you were to send a non secure tax return (PDF can no longer be considered secure), this is one more point of attack you may not even have been aware of... and I had forgotten this (I do not use such a service) until the filter company sent me headers from messages which went through after they white listed my domain!

 

  • Like 3
  • Thanks 1
Link to comment
Share on other sites
Roberts

Roberts

Posted
Posted

I have an FBI agent client who has made it very clear that all documents must be hand delivered or picked up. Email, pdfs, drop box type accounts are all forbidden with him because he said they are all vulnerable. His wife rolls her eyes but he says you'd be surprised how often they are hacked.

 

I still send encrypted pdf files because clients want them.

  • Like 2
Link to comment
Share on other sites
Lion EA

Lion EA

Posted
Posted

I just returned from the CCH User Conference where someone mentioned SendSafe. I know nothing about it other than some CCH users are also using SendSafe for email.

I use CCH's SiteBuilder website with FileShare included. I send tax returns and other documents with SSNs or other identifying data only via FileShare. My clients are getting better about sending me their data, signature pages, etc., via FileShare. All they have to do to receive my file is follow the link in the email they receive on my behalf from FileShare (I can edit the default email if I wish, globally or case-by-case). If it's their first time, it's follow the link and choose their own password.

I've also been using CCH's eSign to send signature pages/tax return for signatures. Clients have found it easy. (Except teens without a credit history that can't pass the authentication.) NY is the only state that does not accept eSign, so I don't use it for my commuters nor NY residents. I was pleasantly surprised when my first few clients this past season, who were very non-computer literate, had their return plus I had their signature pages back in seconds. The eSign software does all the work of combining spouses' signatures into one form and returning it to me. The client doesn't have to know anything about getting their signatures back to me; no printing, signing, scanning, uploading, etc., on their part.

  • Like 1
Link to comment
Share on other sites
Lion EA

Lion EA

Posted
Posted

For esigning forms such as 8879, you need esigning with verification. Look into CCH's eSign. The license has been free with pay-per-use. Federal and all states except NY. (From what I heard last week, NY is very unlikely to accept eSign from any brand next tax season or anytime soon.)

Link to comment
Share on other sites
Margaret CPA in OH

Margaret CPA in OH

Posted
Posted

I don't see that SendSafely has e-signature capability.  Lion, it seems that the CCH portal doesn't either, ,that you also need CCH e-Sign, right?  I'm struggling to find a portal option that includes e-signature capability.  Maybe I'm using the wrong search terms.  Yardley, does the ATX portal have e-signature option?  I just may end up using snail mail again! (kidding)

Link to comment
Share on other sites
Lion EA

Lion EA

Posted
Posted

Portals are portals, to move information more securely than other options back and forth. To get verified signatures that the IRS accepts on forms such as 8879, you need something designed to the IRS specs for signatures. What all are you trying to do in one software?

eSign will deliver verified signatures and it does deliver the tax returns to your clients. You can use it, at a lesser fee, to collect other signatures without verification, such as your engagement letter. But, it won't work for your clients to send their tax documents to you.

FileShare will let you upload any documents to your clients, including signature pages. It will let your clients upload any documents to you. It does not verify signatures.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...