1040Bridge.com is the first complete document management suite that combines 7216 compliance while aligning invoicing, payment receipt, and document delivery. There is no shortage of Document Management Solutions or Portals in the marketplace many only serve the purpose of a secure file transfer. 1040Bridge.com is the first and only portal that truly is a client self-service portal that directly links your completed work with a fee. Once a document is marked as "Payment Protected" clients cannot access the completed work until the client initiates payment by credit card. Delivery, Invoicing, and Payment happens simultaneously. Uploaded documents can be either marked as “Payment Protected” or open. In addition the software is programed to act as web terminal allowing the Tax Advisor to accept credit card payments directly at the office without any extra equipment to purchase. 1040Bridge integrates with Authorize.net or Sage Payment Gateway so you are free to use your existing merchant account. Sage Payment Solutions Merchant Accounts are available at considerable discounts.

1040Bridge.com releases firms from the constraints of a Windows File Tree Structure. Physical filing cabinets and hierarchy folder-based systems have the inherent flaw of only allowing a document to be placed in one folder. This weak system fails to recognize that documents relate to more than one subject or category, such as the year and type of tax. Much like popular music sites, 1040Bridge.com is organized around a tagging system. You, your employees, and clients will be able to locate documents easily and intuitively without learning a complicated hierarchy organizational method or adhere to complicated document naming rules. While others portal solutions merely duplicate an outdated physical filing cabinet, 1040Bridge.com is the first software built for the Accounting Community that recognizes how people organize their digital documents. 1040Bridge.com even stores documents for clients who will not have portal access, thus eliminating the need for another document management system. It truly is a document management system and a client portal in one solution.

Forty Six (46) States have enacted some form of legislation that serves to protect the privacy of its residents. Massachusetts has the most comprehensive law and is the model for the Data Accountability and Trust Act (DATA),which may become Federal Law. Section 7216 and 6713 of the IRS code confirm that the taxpayer continues to maintain the ability and the right to direct a preparer to USE and DISCLOSE tax return information as the taxpayer sees fit. The Gramm-Leach-Bliley Act applies to accounting firms regardless of size. PCI compliance is required for any firm accepting credit cards. 1040Bridge.com not only meets these mandates as a technology vendor, but also our program establishes the foundation for implementing these requirements into the entire tax practice.

Make TAGS Not Trees - 1040Bridge.com is built to function as the firm’s complete document management solution. It functions as a complete solution for both clients who are active portal users and those that will never utilize the portal. The competition merely duplicates an already inefficient filing method, the physical filing cabinet. 1040Bridge.com is organized utilizing a modern tagging system instead of a weak windows tree file structure. Instead of placing documents in a folder, the user "tags" the file. Tagging allows documents to belong to more than one association. Under a file tree structure with a never- hierarchy of folders and subfolders the user must hunt to find a single document and hopefully can remember the document name. Since 1040Bridge organizes digital documents in a database, clients the firm can quickly drill down to a particular document they are searching for or the user can view documents for a particular subject, multiple subjects, or year(s).

Your 1040Bridge.com account is programmed with default tags, such as Tax Return and Source Documents. Default tax year tags are also preprogrammed and will auto generate before the start of the next tax year. You have the option of creating unlimited additional tags such as QuickBooks, Sales Tax, Insurance, and Mortgage or create your own based upon your unique business.

The IRS defines tax return information to mean "any information, including, but not limited to a taxpayer's name, address, or identifying number, which is furnished in any form or manner for, or in connection with the preparation of a tax return of the taxpayer." Further, the IRS requires that your practice obtain signatures on the Consent to Use and Consent to Disclose forms before the start of the preparation of the tax return. Section 7216 and 6713 establishes a civil penalty on tax return preparers who disclose or use any information furnished to them for, or in connection with, the preparation of tax returns for any purpose other than to prepare, or assist in preparing any such returns unless prior consent is obtained. With this broad definition and potential penalties it is important that these consent forms be completed by your clients.

If your business offers any auxiliary service other than tax preparation, or if you use a client database to market any service that is not specifically tax preparation, your practice must meet the requirements of Section 7216 and 6713. These Consent Forms must be tailored exactly to your business. Generic, opt-out, and/or all inclusive forms do not meet the requirements. Further, the IRS requires that the taxpayer have the ability to choose which item or service the Consent is valid for and for the expiration date of the Consent itself. Because virtually every form will have unique responses, using a generic paper form will lead to compliance issues, especially because the unique responses require very specific mandatory language.

Most tax preparation software vendors provide you with a generic 7216 compliance form. Asking your clients to complete the form is the easy part. The difficult task of compliance is tracking and monitoring the responses for permission on certain activities as well as organizing and adhering to expiration dates.

How do you currently keep track of your clients' unique responses? Are you able to find all clients who responded with a yes to a specific question in less than a second? Which clients gave you permission to examine their tax return to recommend they open an IRA to reduce their tax liability? Can you refer business to other colleagues and still stay in compliance? Do you currently search through paper documents to find client responses before you ask them if they want a RAL or even suggest they open an IRA? Are you even in compliance to begin with?

The 1040Bidge.com 7216 Compliance Generator correctly addresses these issues with ease. This feature generates interactive e-forms based upon your unique practice. The secure portal will email your clients requesting that they join the portal and complete the forms. The system will organize each unique response in a searchable database and monitor the expiration date of the 7216 forms. Your tax practice will be able to quickly identify those clients who have not completed the sign up process and subsequent e-forms as well as the responses of those that have completed the process. In addition, the program will automatically notify both the taxpayer and the tax practice of an approaching expiration date.

We recognize that you will have clients who will never use a portal or electronically sign the 7216 forms. This module permits the printing of blank customized Consent Forms to use for clients who are not able join the portal but are available to sign the paper form. Upon client completion it is advised that you scan and upload the document to the portal. Once uploaded the tax practice enters the client’s responses. The system will monitor those unique responses as if they were entered electronically.

Our servers are hosted at an American Institute of Certified Public Accountants audited SSAE 16 (Formerly SAS 70 II) Data Center.

Almost all Client Portal vendors encrypt the data as it's transferred to and from the server. However, many fail to encrypt the data while it rests at the server. The Federal Data and Accountability and Trust Act, Massachusetts and other states privacy laws state that both stored and transmitted files must be encrypted. We use AES - 256 bit encryption, the same encryption level used by the US Government and Major Banking Institutions.

The use of wireless routers and other devices have made it easier for hackers to intercept data that is transferred over the web. All information transferred to and from our servers is protected by 2048 Bit SSL with an Extended Validation Certificate. SSL renders the information absolutely useless to anyone that attempts to capture the data during transmission. Extended Validation means that we have passed additional security requirements. Your address bar will display that you are actually on our site and not on a fraudulent duplicate site.

SQL injection is the dominate attack on the security of a website by inputting SQL statements in a web form to get a badly designed website to dump the database content to the attacker. 1040Bridge.com uses parameterized data calls to protect your data from this attack. Unlike other portal vendors, we have partnered with vulnerability analysts to constantly review our programming code for new attacks.

Brute force attacks occur when a hacker writes a program that runs through millions of common username and password combinations to gain access to a secure system. After three failed login attempts 1040Bridge.com uses CAPTCHA technology which requires a human to read an image that appears. This stops automated password programs.

Password generator programs and weak common passwords are unsafe. Our software never uses a password generator. Our software has a built in strong password policy. Customer Service will never ask you or your clients for passwords.

Our technology partner uses dedicated Firewall Technology to protect the integrity of our systems.

Our technology partners continually scan our applications for viruses and mal-ware.

Our Backup Servers are protected with the same level of security as our operating servers. Backup Servers are housed in separate facilities to insure against threat of disasters.

These attacks are typically an effort to make computer resources (i.e., websites) unavailable to their intended users. Oftentimes, an attack consists of bombarding the target website external communication requests that the site can no longer respond to legitimate traffic, rendering the site effectively unavailable. Our technology blocks these attacks automatically.

Intrusion Prevention Systems block attacks that firewalls cannot. IPS prevents buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, backdoors, Trojans, and operating system and application system vulnerabilities.

1040Bridge.com provides audit trails and reporting on each file and user that accesses the database. The level of detail allows for enforcement of individual accountability. This feature helps your firm gain compliance with the Gramm-Leach-Bliley Act and the SOX act.

Our servers are continually updated. The newest Operating System Patches and Updates help reduce the threat of security attacks as well as system reliability. The servers have been hardened against a combination of the NSA and DISA-STIG standards. The behind-the-scenes services including the database are also hardened against the same standards. These security measures are required for compliance with Sarbanes-Oxley, Gramm-Leach-Bliley, as well as State and Federal Breach of Privacy Requirements.

We contract with leading web security consulting firms to insure that we are kept up to date on the latest regulations and trends in the security industry. They examine and test our code to safeguard against attacks. In addition, at random unspecified times they will attempt to duplicate the efforts of hackers. This will insure that none of our systems or internal protocols are compromised. The application has been vetted against the OWASP and SANS.