Best Practices to Secure Client Information

Client access groups are used for clients who require confidentiality. Client access groups restrict access of a specified client or group of clients to one or more staff. Only the staff assigned access in the client access group are able to view and work with the secured clients in the selected product modules. Staff without access to secured clients cannot view or work with objects, such as Document files, Workstream projects, and Tax returns, that are associated with the secured clients.

You can also have access to client information based on your assigned security groups. See Using Security Groups to Give Staff Access to Modules and Functions for more information.

Tip: Clients can be assigned to more than one client access group. Secured clients can be assigned to one group that provides access to those who prepare their returns. Those clients and other secured clients can be assigned to another group that provides access to those who review returns.

If you choose to use client access groups, there are two methods of assigning clients to access groups.

Securing Clients Using Client Attributes

Securing clients by organizational unit or responsible staff gives less precise control over client selection. Explicitly including or excluding specific clients in other groups may be required. An advantage of securing clients through attributes is that clients are automatically secured in access groups based on their profiles.

Larger firms may find this method satisfies most of their client security requirements. It fits well where there are significant numbers of existing and new clients who require security.

Note: When securing clients by attributes, make sure only qualified staff are granted permission to modify those attributes. Those permissions are defined in security groups.

Securing Specific Clients

Including or excluding specific clients gives precise control over secured clients, but requires maintenance if client security requirements change.

Smaller firms may find this method satisfies most of their client security requirements. It fits well where a small number of clients need to be secured and a small number of staff require access.

Tip: It is generally easy to determine certain staff or positions who should have complete access to certain clients in all modules. If it is determined that certain staff need access in other areas, create additional groups to provide that access. This approach leads to a security system that accurately reflects your needs.

Which Method of Assigning Clients is Best for My Firm?

Some smaller firms with many secured clients will find assigning security by attributes is best. Some larger firms who want precise control over security will find that assigning security by specific clients is beneficial. Keep in mind that securing many clients by specific client selection requires administrative time for ongoing maintenance.

You can use both methods. Many firms will find that securing clients through attributes is an efficient way of handling most clients. The precision of specific selection is best for some clients who need or request specific security considerations.