Back to Compliance Hub

Data Breach & Incident Response Protocol

1

Identification

Log the date, time, and nature of the suspected breach.

2

Containment

Immediately rotate all passwords and revoke API keys for affected systems (e.g., Tax software, CRM).

3

Notification

Notify the IRS Stakeholder Liaison within 24 hours.
Notify affected clients via secure email/portal notice.
Notify the FBI/IC3 if criminal activity is suspected.