myCPE

IT & Data Security, Built for Accounting Firms

We serve over 3,000 accounting firms across various services, and we protect each client’s data through our robust information security policies that align with IRS, FTC, and AICPA standards

Schedule a Call

How We Keep Your Firm’s Information Safe—Every Day

Why Data Security Matters for CPA Firms

When you offshore, you’re extending your security perimeter. Your offshore partner should meet the same regulatory standards that apply to your U.S. operations.

We help ensure your firm stays compliant with
IRS §7216 requirements for taxpayer data
FTC Safeguards Rule for financial institutions
AICPA’s Code of Professional Conduct
SOC 2 Type 2 and ISO 27001 frameworks

Our Three Pillars of Data Security

We ensure a trusted environment by empowering team members to safeguard client success. Stringent security protocols fortify every layer of our infrastructure, ensuring constant protection.

We focus on hiring trustworthy professionals and equipping them with the tools and knowledge to keep client data secure.
Over 100 dedicated IT staff
Background checks on all hires
Mandatory employee confidentiality agreements
Cybersecurity training for all roles
Screen activity tracking to ensure accountability
Access to data limited to assigned responsibilities
Security is not just about tools; it’s about how we work. 
24x7 network and traffic monitoring 
Regular internal and third-party audits 
Clearly defined incident response and recovery plans 
Paperless systems with zero local storage of client data 
Vendor reviews to maintain ecosystem integrity 
These are the physical and technical safeguards applied across all teams
Company-managed and encrypted devices
USB and external storage disabled 
Mobile phones not permitted in operations zones
No paper, printers, or pens on the production floor
Keycard-restricted access to secure areas 
Limited internet access to business-related domains 
Two-factor authentication across all systems 
24x7 CCTV coverage

Cybersecurity Measures That Are Part of Our Daily Work

We manage sensitive financial and personal information for hundreds of firms. To do this responsibly, we’ve built a structured cybersecurity system that addresses both external threats and internal risks.

Security isn’t just about tech—it’s a part of how we operate every day.
System patching and software updates handled centrally
Role-based access control across all software and portals
No local storage of sensitive data
All communication and file transfers are encrypted
Real-time threat monitoring and automated alerts

Training to Por Team Members

Employees play a critical role in data security. That’s why our training goes beyond one-time sessions.

Secure Data Handling

Teaches encryption basics and handling sensitive information

Password Management

Covers secure password policies and password manager use

Phishing Detection

Helps spot and report suspicious links, emails, and attachments

Safe Internet Use

Defines clear browser practices when working with client data

Advanced Phishing Defense

Updates staff on evolving phishing threats

Application Security

Reviews secure usage of accounting tools and platforms

Data Transfer Policies

Reinforces zero tolerance for unauthorized data sharing

Incident Response

Walks through what to do in case of a breach or exposure

Our Certifications

We follow verified global standards to ensure we meet expectations—not just claims.

AICPA SOC
ISO 27001
GDPR

Due Diligence Documentation

If you're evaluating us as a vendor or benchmarking your current offshore setup, we can support your process.

We can provide detailed documentation covering: To request this, email chris@my-cpe.com

FTC Safeguards Rule Compliance
SOC 2 Type 2 and ISO 27001 protocols
IRS §7216 Compliance
AICPA Compliance
Internal access and compliance controls
Detailed IT Policies

Contact Our Data Protection Officer (DPO)

We are committed to protecting your personal information and maintaining transparency in how we handle your data.

If you have any questions about our data protection practices, wish to exercise your rights under applicable privacy laws, or would like to report a potential data breach, you may contact our Data Protection Officer (DPO) using the details below:

Mukund Patel (DPO)
dpo@my-cpe.com
8th Floor, Sakar-1, Near Gandhigram Railway Station, Ashram Road, Ahmedabad, Gujarat, India – 380009
DPO image
Our DPO is responsible for overseeing data protection strategy and ensuring compliance with applicable privacy regulations. We take all inquiries and breach reports seriously and are committed to responding in a timely and responsible manner.