Tax Information Systems, Federal/State(CA) Taxes, Small Office Information Technology and Operations (electronic books, marketing)

5633 Kenneth Ave

Carmichael, CA 95608


Office Hours: By Appointment

New Clients: By Appointment and Invitation Only

(Currently not accepting new clients)


NOTE 1:

Tax Return Preparation Requirements:

All new clients are required to verify their identity with two forms of identification such as a driver's license, passport and/or other official government issued ID prior to the provision of tax services. The photo in the presented ID as well as the ID itself will be verified for authenticity.

New clients who have created new accounts with the US Internal Revenue Service (IRS) and verified their identity using ID.me (or current IRS identity verifier) will be considered verified to TaxJets ID standards.  

In addition to verifying the authenticity of ID documents, all W-2 forms as well as all other information returns (1099s, etc.), bank statements, credit card statements and any assertion of earned income from any type of business enterprise will be verified for authenticity prior to provision of tax services. 

To prevent EITC fraud, Schedule C business tax returns will require businesses to have an EIN and a business bank account in the name of the business that displays a history of transactions for legitimate business products and/or services prior to the provision of any business tax return services.

All clients (current or new) are required to have an IRS Identity Protection Personal Identification Number (IP PIN) prior to the provision of any tax related services. The IRS IP PIN provides a second factor of authentication to protect your information from being used to file unauthorized tax returns. IT/cybersecurity, transaction management or marketing clients are not required to have an IRS IP PIN prior to the provision of those non-tax related services.


NOTE 2:

TaxJets Data Security Policies/Practices:

Protection of client data from compromise, theft, loss and/or improper use is THE number one top priority at TaxJets.  TaxJets staff and systems continually apply modern, updated and standardized data security practices and procedures following best practices in the cyber security industry so you can be assured your data will be safe and secure at all times in all phases of operation.  All TaxJets staff are bound by a daily applied, zero-trust, full liability security policy that is agreed  to on a daily/continual basis during all phases of handling all of your data entrusted to us.

No client data is stored electronically or physically onsite at any TaxJets location and/or on any electronic devices (computers, laptops, tablets, and/or mobile devices) or on any electronic media (external storage, printers, fax machines, scanners, etc.).  Taxjets.com does not process, transmit and/or maintain any non-public client or potential client data.

All client data is protected using multiple, redundant administrative, physical and technical controls that are continually tested, verified and updated. 

All client data is continually encrypted in an unreadable format in all phases of operation using the US National Institute of Standards and Technology (NIST) most current/updated, approved military grade encryption. 

Access to client data is protected using advanced 2-factor authentication access control on IRS/FedRAMP approved systems only. TaxJets continually evaluates and updates its Identity and Access Management access controls to the most current, modern, accepted standards published by NIST. 

All TaxJets staff granted access to client data have been background checked and verified to possess one of the following designations: CPA, JD, EA and/or CRTP (CA CTEC Registered Tax Preparer) and are all bonded/insured. All TaxJets staff review a pre-work, data security checklist EVERY DAY and reviewed again prior to working on any client tax information to remind them of data security policies and practices that need to be deployed on a continual basis to maintain client data security.

All TaxJets client tax information/data as all well as all firm information is secured following applicable portions of the most current/updated versions of standard security frameworks such as:

NIST CSF

NIST 800-53 (Security and Privacy Controls for Information Systems and Organizations)

NIST 800-63-3 (Digital Identity Guideline series) (applicable sections) 

CIS Controls

IRS Publication 1075, Tax Information Security Guidelines

IRS Safeguards Program

PCI-DSS Level 1 (implemented  by all payment system vendors engaged by TaxJets (Square,  PayPal, Venmo business))

NOTE: TaxJets primarily follows NIST SP 800-53 as the primary security guide for operationalizing security controls and references other frameworks for supplemental support.

Any online (cloud) systems/storage providers used by TaxJets are evaluated against applicable sections of NIST SP 800-53 as well as the most current version of IRS publication 4812 Contractor Security & Privacy Controls. In addition to the above controls, any data archived online is always end-to-end encrypted and securely stored only with FedRAMP approved/authorized providers. 

TaxJets maintains a continually updated written data/information security plan following the most current/updated guidance from the IRS. The TaxJets data security plan maintains full compliance with Title 16 CFR part 314 known commonly as the FTC Safeguards Rule (Gramm-Leach-Bliley Act (GLBA)). 

TaxJets security systems and security staff continually monitor MS-ISAC , CISA and all service provider and device manufacturer security alerts and automatically apply all updates on a continual basis on all affected systems to maintain a secure operating environment in all phases of operation.