Go Search
Subscribe to our Newsletter

 

FOLLOW US

 

The Watkins Wire blog covers insights and updates to help businesses and non-profits thrive in a changing regulatory and tax environment.
Blog > Posts > What’s on your 990?
What’s on your 990?
You may have heard about the recent report by an identity security company that reviewed approximately 2.9 million 990’s for years 2001-2006 and found that approximately 100,000 nonprofits had disclosed almost 500,000 social security numbers (SSN’s) on their Form 990 returns.  The bad news: ; Because Forms 990 are available for public inspection, there is a risk that a person’s identity could be stolen from information reported on the 990.  The good news: ; The risk is very manageable when a few simple steps are followed:
 
First, organizations need to be mindful of the sensitive data being included on their Form 990.  SSN’s should not be on the return, except when required (such as when Form 5471 must be attached to the 990).  Board member home addresses should only be used when the Board member requests it.  Instead, use the filing organization’s address.
 
Secondly, the filing organization should ask its preparer to provide a draft of the 990 before it is filed.  The CFO should review not only the accuracy of the data and narrative disclosures, but also the nature of the disclosures.
 
Third, when providing a copy of your 990 or putting your 990 on your website, make sure it does not include donor information on Schedule B, and, in some cases, Schedules A and O.  The easiest way to accomplish this is to have your tax preparer provide you with a “Public Inspection Copy” of the return, which should have donor information redacted. This copy should be different from the “Taxpayer Copy” of the return.
 
It should be noted that the returns reviewed were for tax years prior to 2008, when filing organizations often attached numerous schedules to the returns, containing all kinds of data.  With the revision of Form 990  in 2008, filing organizations can no longer attach such schedules, so that has reduced the likelihood of sensitive data being disclosed.  Although the incidence rate is lower, organizations must continue to be vigilant in their attempts to protect personal information.

April 25. 2012 | Daniel O'Shea

 

 

What’s on your 990?

 

You may have heard about the recent report by an identity security company that reviewed approximately 2.9 million 990’s for years 2001-2006 and found that approximately 100,000 nonprofits had disclosed almost 500,000 social security numbers (SSN’s) on their Form 990 returns.  The bad news:  Because Forms 990 are available for public inspection, there is a risk that a person’s identity could be stolen from information reported on the 990.  The good news:  The risk is very manageable when a few simple steps are followed:
 
First, organizations need to be mindful of the sensitive data being included on their Form 990.  SSN’s should not be on the return, except when required (such as when Form 5471 must be attached to the 990).  Board member home addresses should only be used when the Board member requests it.  Instead, use the filing organization’s address.
 
Secondly, the filing organization should ask its preparer to provide a draft of the 990 before it is filed.  The CFO should review not only the accuracy of the data and narrative disclosures, but also the nature of the disclosures.
 
Third, when providing a copy of your 990 or putting your 990 on your website, make sure it does not include donor information on Schedule B, and, in some cases, Schedules A and O.  The easiest way to accomplish this is to have your tax preparer provide you with a “Public Inspection Copy” of the return, which should have donor information redacted. This copy should be different from the “Taxpayer Copy” of the return.
 
It should be noted that the returns reviewed were for tax years prior to 2008, when filing organizations often attached numerous schedules to the returns, containing all kinds of data.  With the revision of Form 990  in 2008, filing organizations can no longer attach such schedules, so that has reduced the likelihood of sensitive data being disclosed.  Although the incidence rate is lower, organizations must continue to be vigilant in their attempts to protect personal information.

 

Comments (0) »

 

Comments

There are no comments yet for this post.

 Post a Comment

If you can't read this number refresh your screen.
Enter the code shown above: *

(Note: If you cannot read the numbers in the above image, reload the page to generate a new one.)
Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. More information on content approval.

USER NAME *


COMMENT *


Attachments