Secure Tax Data Transfer

TL;DR

Sending tax information to your accountant? Don’t use email! Use a secure portal, encrypted file transfer, or password-protected archives. Strong passwords and multi-factor authentication are essential. Be aware of phishing scams.

Secure Tax Data Transfer: A Step-by-Step Guide

1. Understand the Risks
• Email is not secure. It’s easily intercepted.
• Tax data contains sensitive information (National Insurance number, bank details).
• Phishing emails targeting tax season are common.
2. Choose a Secure Method
• Secure Accountant Portal: This is the best option if your accountant offers one. They’re designed for secure file exchange.
• Encrypted File Transfer Services: Use services like WeTransfer (paid version with encryption), Dropbox (with strong password and 2FA enabled – see step 6), or dedicated secure transfer platforms. Avoid free, unencrypted options.
• Password-Protected Archives: If you must email, zip your files using a strong password (see step 5). This is the least preferred method but better than sending unencrypted files.
3. Using Your Accountant’s Portal
• Log in directly through their website – never click links in emails.
• Follow their instructions for uploading and downloading files.
• Confirm the file transfer was successful.
4. Using Encrypted File Transfer Services
• Create an account with a reputable service.
• Upload your tax documents.
• Generate a secure download link and share it only with your accountant via a separate, confirmed communication channel (phone call or text message). Do not send the link in the same email as the files themselves.
• Set an expiry date for the download link.
5. Password-Protecting Archives (If Email is Necessary)
• Zip your files: Right-click on the folder containing your tax documents and select ‘Send to’ > ‘Compressed (zipped) Folder’.
• Set a strong password: When prompted, create a complex password. A good password is at least 12 characters long and includes a mix of uppercase letters, lowercase letters, numbers, and symbols.
• Communicate the password separately: Call or text your accountant to tell them the password – do not email it!

zip -e tax_documents.zip tax_folder/

6. Strong Passwords and Multi-Factor Authentication (MFA)
• Use unique, strong passwords for all your online accounts, especially those related to finances or taxes.
• Enable MFA wherever possible: This adds an extra layer of security by requiring a code from your phone or another device in addition to your password. Check your accountant’s portal and file transfer service settings.
7. Beware of Phishing Scams
• Be suspicious of unsolicited emails: Especially those asking for personal information or requesting you to click on links.
• Verify the sender’s email address: Check that it matches your accountant’s official domain.
• Never provide sensitive information in response to an email request: Contact your accountant directly using a known phone number or website if you are unsure.
8. Confirm Receipt and Secure Deletion
• After sending, confirm with your accountant that they have received the files successfully.
• Once confirmed, securely delete the original files from your computer and any temporary storage locations.