Professional Liability Risks For CPAs Related to Cloud Computing

More and more CPA firms are adopting cloud computing to save themselves and their clients time and money. While the benefits of cloud computing are undeniable, CPA firms have certain professional liability implication they need to understand before moving their client's data to the cloud.

According to the Code of Professional Conduct there are three main considerations for CPA’s with regards to cloud computing:

  1. The CPA should enter into an agreement with the third party regarding the maintenance of confidentiality of client information
    We guarantee the confidentiality of a CPAs client information via our Terms and Conditions as well as our Privacy Policy. In addition, our terms stipulate that the CPA is the sole owner of the data and we have no rights to their data as the vendor.
  2. The CPA should take steps to reasonably assure him/herself that the third party has appropriate procedures in place to maintain confidentiality
    We utilize the best technology and solutions to ensure that your client's data remains confidential - including: using the highest level of encryption to protect data, every 30 min backups, PCI compliance (including monthly vulnerability scans by a third-party), and housing all data in SOC 2 data centers.In addition, we have had our systems (including our financial stability) vetted by both Intuit and the Managed Service Provider (MSP) Alliance as part of becoming and Intuit Authorized Commercial Host and an Accredited Managed Service Provider.
  3. The CPA should disclose the use of third-party service providers to its clients, preferably in writing, before disclosing confidential information to the third party
    We recommend that our CPAs who are not using the system with their clients, but are storing the client's data on our system, include this disclosure as part of their letter of engagement with their clients.

The AICPA recently published a great article on just this topic that I recommend you check out: "Professional Liability Risks Related to Cloud Computing." It even includes a Cloud Vendor Checklist to help CPAs in selecting and vetting cloud computing providers.

Power Up with Swizznet Hosting