Already covered: CPAs exempt from Gramm-Leach-Bliley Act's privacy notice.President Bush signed a bill Oct. 13 that exempts CPAs from the Gramm-Leach-Bliley Act's requirement that they send their clients an annual privacy notice. The AICPA AICPA See American Institute of Certified Public Accountants (AICPA). has been working to amend the law since it was enacted in 1999. The bill became effective immediately upon the president's signature. The exemption reads: "(d) Exemption for Certified See certification. Public Accountants-- "(1) IN GENERAL -- The disclosure requirements of subsection subsection Noun any of the smaller parts into which a section may be divided Noun 1. subsection - a section of a section; a part of a part; i.e. (a) do not apply to any person, to the extent that the person is-- "(A) a certified public accountant Certified Public Accountant (CPA) An accountant who has met certain standards, including experience, age, and licensing, and passed exams in a particular state. ; "(B) certified or licensed for such purpose by a State; and "(C) subject to any provision of law, rule, or regulation issued by a legislative or regulatory body of the State, including rules of professional conduct or ethics, that prohibits disclosure of nonpublic personal information without the knowing and expressed consent of the consumer. "(2) LIMITATION -- Nothing in this subsection shall be construed to exempt or otherwise exclude any financial institution that is affiliated or becomes affiliated with a certified public accountant described in paragraph (1) from any provision of this section." CPAs Already Under Client Confidentiality The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. Requirement The exemption is possible because CPAs and CPA (Computer Press Association, Landing, NJ) An earlier membership organization founded in 1983 that promoted excellence in computer journalism. Its annual awards honored outstanding examples in print, broadcast and electronic media. The CPA disbanded in 2000. firms already are required under state law--and ethical standards--to maintain the confidentiality of client information. Indeed, California's Accountancy Act and supporting regulations require CPAs to maintain client confidentiality unless: * the client gives written permission for the disclosure or * the reason for the disclosure falls into one of the allowable exemptions, such as peer review, consultation with a colleague, sale of practice, subpoena subpoena (səpē`nə) [Lat.,=under penalty], in law, an order to a witness to appear before a court. A subpoena ad testificandum [Lat. , etc. For the specific language, see Regulations 54, 54.1, 54.2 at www.dca.ca.gov/cba. Passage of this exemption, "... is wonderful news and a win for both CPA practitioners and their clients. The disclosure statements are often confusing to clients and they are expensive and time-consuming for CPAs to prepare," said Barry C. Melancon, AICPA president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. . "Since the exemption is effective upon the president's signature, all those CPAs who are now preparing this year's privacy notices can stop. They won't have to send Gramm-Leach-Bliley Act The Gramm-Leach-Bliley Act, also known as the Gramm-Leach-Bliley Financial Services Modernization Act, Pub. L. No. 106-102, 113 Stat. 1338 (November 12, 1999), is an Act of the United States Congress which repealed the Glass-Steagall Act, opening up competition privacy notices out this year. They can instead put that time into serving their clients." CPAs Still Included in 'Safeguards Rule' Mandate While exempt from the Gramm-Leach-Bliley Act's notification requirement, CPAs and CPA firms are still required under both federal and state law to ensure the security of confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead . The Federal Trade Commission's "Safeguards Rule," which was developed in response to the passage of Gramm-Leach-Bliley, generally requires businesses that are "significantly engaged" in providing financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. to consumers (such as tax practitioners, including CPAs) ensure the security and confidentiality of client information. All firms must have a written information security plan that describes the program to protect client information. The plan must be appropriate to the firm's size and complexity; scope and nature of the services; and sensitivity of the client information. The Safeguards Rule further requires that all covered entities designate at least one employee to coordinate the safeguards, identify and assess the risks to client information in each relevant area of the operation, and evaluate the effectiveness of current safeguards for controlling those risks. A safeguards program also must be designed and monitored, and any third-party service provider must be in compliance with the safeguards regulations. Contracts should reflect that responsibility. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the Federal Trade Commission's most recent pronouncement on this regulation, special attention is to be paid to the following areas that present special risks to information security: * Employee training and management; * Information systems, including network and software design; and * Information processing information processing: see data processing. information processing Acquisition, recording, organization, retrieval, display, and dissemination of information. Today the term usually refers to computer-based operations. , storage, transmission and retrieval and security management, including prevention, detection and response to attacks, intrusions or other system failures. Additional Compliance Resources The AICPA's Tax Division's Privacy/Disclosure Task Force prepared a practice guide (revised in July 2002) regarding the privacy protection provisions of the Gramm-Leach-Bliley Act. The guide, available through http://tax.aicpa.org, will likely be revised again to include additional law changes. Other privacy resources that are available to CPAs include California's Office of Privacy Protection, a state government agency (www.privacyprotection.ca.gov) that recommends best practices for handling sensitive consumer information, and firms insured by CAMICO may contact the organization at www.camico.com with questions on developing a privacy safeguards program. Bruce C. Allen is CalCPA's director of government relations. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion