Debra M. Meyer CPA and her staff take the security of their clients' personal data very serious. Debra does not disclose any non-public personal information about her clients (current or former) to anyone, except as when given permission to do so by such clients or as required by law. Access to non-public personal information is highly restricted to only Debra and staff necessary to prepare tax returns and financial plans. Debra maintains electronic, physical and procedural safeguards to guard clients' sensitive non-public personal information. As such, Debra practices the following security measures to ensure both the electronic and physical protection of personal data of her clients:
ELECTRONIC SECURITY:
PHYSICAL SECURITY:
PROCEDURAL SECURITY:
ELECTRONIC SECURITY:
- To keep office computers up-to-date, protected and secure as well as backed-up, Cannon Computer Consultants (a third party IT vendor located in Houston, TX) provides our firm with IT Services encompassing Windows OS critical and security patch management, anti-virus/malware protection products, security and backup management checks and quarterly in house check ups to ensure optimal security and protection.
- Multiple Layers (hardware and software) of firewalls are configured to protect and secure our infrastructure from any potential malicious content or applications. Our wireless router also contains firewall technology and intrusion detection as well as having Windows Firewall enabled on all our systems.
- All office work computers and equipment are hardwired to our network. For a couple instances where wireless technology is utilized (printers), our office router uses WPA2 and AES encryption methods which means any potential interception of data via wireless transmissions will not be able to be deciphered or utilized. In addition, access to our wireless router is password protected and the all passwords are maintained as business proprietary information and secured.
PHYSICAL SECURITY:
- Debra's office is protected 24/7 via a professionally installed and monitored alarm system with cameras recording in several entry point locations. In the event of any unauthorized entry in her office, a siren will be triggered as well as a call to the local police for immediate response as well as the monitoring company which will notify Debra immediately.
PROCEDURAL SECURITY:
- Passwords to computers, routers, all other applicable software and equipment are considered business confidential and proprietary information. As such it is only available to trusted personnel as needed.
- Debra requires the use of Power of Attorney documents permitting the disclosure of clients' information to third parties
- Debra strives for and continues to move forward to a paperless work environment, which aides in the security of client information. Any hard-copy client documentation that is not returned to the client or not kept for Debra's files are shredded via a professional paper shredding company. With respect to hard copies of client documents, Debra's record retention policy calls for the electronic scanning and archiving of any documents older than five years, and then the shredding of said documents.
- When office computers become obsolete and are replaced, the hard drives are professionally removed via her third party IT vendor, securely erased using DOD level technology and then physically destroyed.
- While a data breach has never occurred of Debra's systems, if such an incident ever occurred, Debra would notify all clients impacted by the loss or theft of personal records. Debra would work with her data breach insurer to ensure notifications of such loss/theft were sent to all affected clients.
- Any sensitive client documents that are returned by Debra by mail are sent through the US Postal Service (USPS) with tracking information to ensure the package safely and securely reaches your home.