As an accounting practice, you strive to protect your clients’ details, always ensuring that their sensitive information remains confidential. One essential piece of information is their Tax File Number (TFN).
You might think that a document including a TFN within a secured client portal is harmless. Think again. Storing documents with TFNs in a third-party client portal or your own client portal, not only magnifies the risk of exposure but also places you in risky territory with the legislation.
The Privacy (Tax File Number) Rule 2015 (TFN Rule)*:
As tax agents and accountants, you are considered TFN recipients, meaning that the TFN Rule directly regulates how you collect, store, use, and dispose of TFNs. Under the TFN Rule, any mishandling of the TFN is not just a breach of trust but a violation of the Privacy Act. It is crucial to comply with these guidelines to avoid potential breaches and protect your clients’ privacy.
The TFN Rule requires that TFN recipients take reasonable steps to protect TFN information from unauthorised access, use, modification, or disclosure. This includes securely destroying or permanently de-identifying TFN information where it is no longer required by law to be retained.
Protecting the TFN in portals
It’s easy, simply do not store ATO documents with TFNs in portals.
How to reduce your risk of a TFN breach
Reduce the risk by removing TFNs regardless of how they are stored, including storing in:
– client portals,
– a third-party portal,
– document management systems,
– personal computers,
– cloud servers.
Redaction of TFNs ensures you are meeting your TFN legislative requirements.
The next steps to be TFN compliant
With ATOmate, you’re taking all ‘reasonable steps’ to be TFN compliant:
- TFNs are automatically redacted from ATO documents before they make it to your ATOmate dashboard for review, approval, or escalation.
- Your client’s ATO documents are never stored on ATOmate’s systems, they are stored in your document management system.
- When you email or post to your client, there is no exposed TFN.
Your clients trust you with their most sensitive information and you must take all reasonable steps to protect their TFN information and comply with the TFN Rule. Redacting TFNs from stored ATO documents is non-negotiable.
To find out more about how ATOmate can help you stay TFN compliant click here.
*Reference: TPB(PN) 4/2021 Use and disclosure of a client’s TFN and TFN information in email communications https://www.tpb.gov.au/tpb-practice-note-tpbpn-42021-use-and-disclosure-clients-tfn-and-tfn-information-email
With over 25 years of experience in the technology industry, Stan’s professional focus has been on building high-performance teams and leading organisational change through operational efficiency.
Stan is passionate about assisting businesses to reach their full potential through the delivery of automated processes, supporting them to achieve smarter and innovative outcomes for stakeholders and greater productivity and job satisfaction across their teams.
Most recently, Stan has enjoyed working closely with professional services businesses to implement technological transformation projects and automate their key business processes.
BAW is an innovative company that provides automation solutions to businesses including accountants, property managers and the manufacturing industry.
The company’s automation solutions allow business managers, partners, IT managers and staff to refocus their attention away from tedious, time-consuming tasks towards value-added outcomes, such as managing and maintaining client relationships and engagement.
BAW’s flagship product, ATOmate, is designed to automate the processing, reviewing, and distribution of ATO correspondence. ATOmate integrates with a range of market-leading practice and document management platforms, helping accountants reduce their ATO document processing time by 90%.
- Protecting Your Clients’ TFN: Why Redacting in Your Client Portal is Non-Negotiable - 29 January 2024
- Take Time to Simplify Your Processes and Ease Your Workload - 27 November 2023
- Personalised communication is key to client satisfaction and engagement - 1 November 2023
