FTC Safeguards Rule: Is Your Company Ready?

According to the Federal Trade Commission (FTC) Safeguards Rule, tax preparers, CPAs and other financial institutions must implement cyber security plans to protect client data by June 9, 2023. Failure to do so may result in an FTC investigation.

The Blue Light IT team is here to help you understand the Safeguards Rule and avoid fines or other serious consequences. Don’t risk noncompliance: Register for our free webinar on December 13 now.

Free Webinar: Safeguards Rule Basics

Here’s what you’ll learn:

  • The nine steps to compliance
  • The role of a Qualified Individual
  • Who must comply with the new regulations
  • How following the regulations will make your business stronger and better positioned to help clients and customers

The FTC has substantially strengthened the Safeguards Rule with new requirements to increase and improve protection of sensitive consumer information. To ensure compliance, you must be prepared and informed.

Who’s Affected by the Safeguards Rule?

The FTC Safeguards Rule affects all firms dealing in personally identifying information (PPI): CPAs, bookkeepers, accountants, tax preparers, financial advisors, car dealerships and any other firms that handle consumer financial information. For example, if your firm only works with businesses, but provides W2 forms to your customer employees, then you must comply with the rule.

Professionals and businesses affected by the rule include:

  • Accountants, CPAs and other tax preparation services.
  • Automotive dealerships.
  • Businesses that print and sell checks to consumers.
  • Career counselors.
  • Mortgage brokers.
  • Personal property or real estate appraisers.
  • Travel agents.
  • And more.

Learn more and bring your questions about the Safeguards Rule to our free webinar.

The FTC Safeguards Rule affects all firms dealing in personally identifying information (PPI): CPAs, bookkeepers, accountants, tax preparers, financial advisors, car dealerships and any other firms that handle consumer financial information. For example, if your firm only works with businesses, but provides W2 forms to your customer employees, then you must comply with the rule.

Professionals and businesses affected by the rule include:


  • Accountants, CPAs and other tax preparation services.
  • Automotive dealerships.
  • Businesses that print and sell checks to consumers
  • Career counselors.
  • Mortgage brokers.
  • Personal property or real estate appraisers.
  • Travel agents.
  • And more.

Learn more and bring your questions about the Safeguards Rule to our free webinar.

Do I Really Need to Comply?

If you work with consumer data (e.g. full name, Social Security number, address, income, etc.) chances are you need to comply, especially if you are familiar with the W-12 tax form.

When filling out the W-12 form, you confirm under Section 11, Data Security Responsibilities, that you have a data security plan in place as well as system security protections.

You can’t just check the box and hope for the best.

  • It doesn’t matter if you think your business is “too small” to need cyber security or that your company has anti-virus protection in place.
  • It also doesn’t matter where you store your customer data. (A secure location may help, but it’s not the full solution.)
  • The FTC isn’t concerned if you have the budget for cyber security protection, either.

Learn how to protect yourself and your business at our free webinar on December 13 at 11AM Eastern.

5 NonCompliance Consequences

Compliance with the FTC Safeguards Rule is of the utmost importance. Here are five consequences of noncompliance:

  • Expensive fines. The maximum fine you can incur from a data breach is $11,000 per day. The agency can also seek damages for consent violations that can total over $43,000 per day for each violation, as well as possible jail time.
  • Extensive penalties. Your company could face long-term consent decrees or extensive injunctive relief, which could significantly stifle your business operations.
  • Litigation risks. Your company could be sued in case of a security breach. In cases where you have to notify victims after a breach the risk of litigation rises significantly.
  • Reputational damage. The ripple effect of a security breach cannot be underestimated. Not only will it impact your customers’ trust, but it will also harm your relationships with other affiliates and suppliers.
  • Data loss. Your data is more valuable than you think. The average data breach in the United States costs $9.44 million, over $5 million more than the global average.

You won’t need to worry about non-compliance when you follow the information provided in our December 13 webinar at 11AM Eastern.

Attend Live or Watch the Recording 

Tune in to our free webinar at 11AM Eastern on Dec 13

Learn How to Protect Your Business

Review the nine steps to compliance

Book an Assessment Call With Our Experts

Find out if your business is at risk

Feel Confident You’re in Compliance

Rest assured you can protect your clients’ data

How We Can Help

You can designate a Qualified Individual within your organization to implement and supervise your information security program or you can outsource the responsibility to the Blue Light IT team.

We will:

  • Provide real-world IT knowhow suited to your circumstances.
  • Conduct a risk assessment.
  • Design and implement IT safeguards.
  • Regularly monitor and test safeguard effectiveness.
  • Train your staff on the latest threats and vulnerabilities.
  • Keep your information security program updated.
  • Create a written incident response plan.
  • Report to your board of directors.

Learn more about the Qualified Individual role at our free webinar on December 13 at 11AM Eastern.

Our Clients Trust Blue Light IT to Deliver

“Blue Light IT did a Cybersecurity Risk Assessment for me. It was professionally performed with great details and I was offered two options to choose from. Both of the options were within my price range.”

John T., Owner of Tax Preparing Firm

Fort Lauderdale, FL

What's the Cost?

Every company is different, and varies in size, scope and the amount of data they store. The only way to accurately determine a price point for security services is by performing a risk assessment.

Have No Fear, We Have You Covered

Begin the process of meeting the FTC Safeguards Rule now. Register for our free webinar or just book a short call with our team. Entrust your business to a team of reliable and responsive experts:
You won’t regret it.

The June 9th deadline is sooner than you think. it takes time to correctly implement a plan that will cover the ftc safeguards rule. Act now to avoid fines, litigation and reputation losses.