411 Waverley Oaks Road
Building 3, Suite 331
Waltham, MA 02452

Phone: (781) 398-1770
Fax: (781) 398-2281
Email: saga@sagacpa.com

    Home

    Services

    Expertise

    About Us

    Managing Partner

    The Team

    Firm Policies

    Guidelines &
        Resources

    Careers

    Contact Us


    
 

Firm Policies


Privacy Policy

At Scott A. Goffstein & Associates, LLP, your privacy is important to us.  While information is the cornerstone of our ability to offer excellent service, Scott A. Goffstein & Associates, LLP recognizes our most important asset is our customers’ trust.  We are particularly concerned about the privacy of our individual customers who obtain financial services from us for personal, family, or household purposes ("you").  This notice provides you with our privacy policies and practices with respect to the disclosure of nonpublic information about you.

Information We May Collect

In providing you with financial services, we collect nonpublic personal information* about you from the following sources:

Information we receive from you on applications, tax returns, net worth statements, or other forms
Information about your transactions with us or others
Information we receive from a consumer-reporting agency.

*Nonpublic personal information means personally identifiable financial information that is not publicly available.

Information We May Disclose And To Whom We May Disclose

We do not disclose any nonpublic personal information about you to anyone, except as permitted by law.

Under Massachusetts law, if you provide us with information which you identify as confidential pursuant to a professional engagement with us, we are not permitted to disclose that information without your consent, except in response to a court proceeding, to the Massachusetts Board of Public Accountancy, or in the course of quality reviews of our firm.

If you decide to close your account(s) or become an inactive customer, we will adhere to the privacy policies and practices as described in this notice as well as the Firm's Record Retention and Destruction Policy.

We restrict access to your personal and account information to those employees who need to know that information to provide services to you.  We maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.

This Privacy Policy applies to nonpublic personal information about individuals who obtain financial services primarily for personal, family or household purposes.

We reserve the right to change this Privacy Policy, and any of these policies described above, at any time.

If you have any questions about this Privacy Policy, please call (781) 398-1770.

Return to Top


Record Retention and Destruction Policy

Scott A. Goffstein & Associates, LLP, recognizes that the firm's engagement and administrative files are critical assets. As such, the firm has established this formal written policy for record retention and destruction in accordance with applicable state and federal laws. Compliance with this policy is mandatory for all employees.

Engagement Files

Engagement files are defined, for the purposes of this policy, as all records related to the engagement, including workpapers and other documents that form the basis of services rendered by the firm, such as, all documentation reflecting the procedures applied, evidence obtained, and conclusions reached in the engagement. In order to adequately address the needs of the firm and meet the current regulatory requirements established by the profession and the regulatory agencies, this policy will address separately the document retention requirements for engagement files by the categories indicated below. Unless otherwise notified by the Managing Partner, Scott A. Goffstein, or mandated by state or federal law, Scott A. Goffstein & Associates, LLP, will follow the recommended record retention periods specified in the attached Exhibit A.

Audit/Review/Compilation Services

Scott A. Goffstein & Associates, LLP, will retain all records related to the audit, review or compilation (including electronic records) for a period of seven years from the conclusion of the audit, review, or compilation that meet the following two criteria:
    1. The records have been created, sent or received in connection with the audit, review, or compilation;
AND
    2. The records contain conclusions, opinions, analysis, financial data related to the audit, review, or compilation or, significant information that is inconsistent with the final conclusions, opinions or analysis (e.g., significant differences in professional opinions on issues that are material to the financial statements or to the final conclusions).
Records for purposes of this subsection include workpapers and other documents that form the basis of the financial statement engagement, and memoranda, correspondence, communications, and other documents and records that meet both of the criteria stated above.

It is the firm's position that all documents (whether hardcopy or electronic) which do not meet the criteria listed above (numbers 1 and 2) would not be considered substantive in nature and thus would not be retained in accordance with this policy. The Firm, however, acknowledges the following exception to this rule:

    All significant information that is inconsistent with the final conclusions, opinions, or analysis (e.g., significant differences in professional judgment or differences of opinion on issues that are material to the financial statements or to the final conclusions) will be considered substantive in nature and appropriately retained in accordance with the policy.
Although this list is not meant to be all inclusive, the following are examples of those items that generally would not meet the criteria for retention and should be destroyed at the completion of the engagement:
  • Superseded drafts of memoranda, financial statements, or regulatory filings
  • Notes on superseded drafts of memoranda, financial statements, or regulatory filings that reflect incomplete or preliminary thinking
  • Duplicates of documents
  • Copies of client records (Unless the client records contain evidence of audit or other procedures applied by the Firm.)
  • Review notes
  • To do lists (which have been completed)
  • Documents that contain typographical errors or other minor errors that result from the normal business/learning process or from preliminary views based on incomplete information or data
  • Voice-mail messages. (It is the firm's policy that all significant voice-mail messages that would record or support the Firm's professional services should be documented as a memo to file and retained in accordance with the terms of this policy.)
HOWEVER, if any of the documents listed above DO include information that contains either (a) conclusions, opinions, analysis, or financial data related to the audit, review, or compilation or, (b) significant information that is inconsistent with the final conclusions, opinions, or analysis, they will be subject to the retention periods for such information in accordance with the terms of this policy as outlined in attached Exhibit A.

Questions arising in connection with applying the rules set forth in this section should be referred immediately to the partner on the engagement. The Managing Partner, Scott A. Goffstein, must approve any exceptions to this policy.

Other Services
(Includes Tax and Consulting Services)

Scott A. Goffstein & Associates, LLP, will retain sufficient records (whether hardcopy or electronic) to reflect services performed by and substantive information provided to the firm for seven years after it completes such services. Records, for the purposes of this sub-section, mean final workpapers and any other documents, including correspondence and copies of client records, that are necessary for a reasonable person to understand the services performed by and substantive information provided to Scott A. Goffstein & Associates, LLP, for the engagement.

Refer to the attached Exhibit A should you have any questions regarding the period of retention for a particular type of document.

Administrative Files

It is the firm's policy that all administrative files (including, but not limited, to billing and collecting activities, accounts payable, loans, leases, fixed assets, and personnel files) will be maintained for no less than the current legal or regulatory requirements for such items (no less than seven years for accounting records) or longer if they serve a useful purpose as determined by the Managing Partner, Scott A. Goffstein. For example, in accordance with the recommended records retention period outlined in the attached Exhibit A, legal documents and contracts, including, but not limited to, articles of incorporation, corporate stock records, company minutes and by-laws, service and lease agreements, promissory notes, and legal correspondence, will be retained permanently, unless otherwise determined by the Managing Partner, Scott A. Goffstein. Refer to the attached Exhibit A should you have any questions regarding the period of retention for a particular type of document.

The Office Manager will be responsible for maintaining and annually updating a summary of the legal and regulatory requirements for all administrative files and keeping the Managing Partner, Scott A. Goffstein, updated of any changes to such requirements.

Physical Security

It is company protocol to protect all hardcopy files, electronic files, computer hardware, software, data and documentation from misuse, theft, unauthorized access, and environmental hazards. As such, the firm has adopted procedures for information maintained in both hardcopy and electronic form to ensure physicals security. In the event Scott A. Goffstein & Associates, LLP, uses third-party vendors to store, maintain, and/or destroy records (whether hardcopy or electronic), the firm will obtain client consent before transmitting the client's records to such a third-party vendor. Refer to the attached Exhibit B for sample language use as an addendum to an engagement letter.

Hardcopy Form
  • The firm will store all of its on-site hardcopy client files in file cabinets. File cabinets are stored in a separate file room and are restricted to those employees authorized to have such access. The Office Manager has the responsibility for managing the access control of the file room and for reporting any potential breaches in security to the Managing Partner, Scott A. Goffstein.
  • The Office Manager will have the responsibility for establishing filing procedures to ensure that files can be easily located and retrieved as necessary.
Electronic Form
  • The firm has established back-up procedures on electronic files to minimize the risk that data may be destroyed, modified, or disclosed without authorization. These procedures include, but are not limited to, the following:
    • The Office Manager will be responsible for ensuring that all data files will be backed up daily by Mindshift Technologies, Inc. These backups are stored at Mindshift's technical operations office in Fairfax, VA.
    • The Office Manager will be responsible for ensuring also that all software applications used in creating the work or in archiving or storing the files are retained or available (including all updated or superseded applications) so that the electronic files can continue to be accessed for the retention periods stated in this policy.
  • Access controls have been established to maintain the confidentiality and integrity of data stored on the firm's computer systems. Access shall be restricted to only those actions that are appropriate to each employee's specific job duties. The Office Manager will have the responsibility for the administration of access controls and will ensure that all additions, deletions and/or changes are processed appropriately upon written request from the firm administrator, applicable supervisor, and/or partner. Employees will have individual access codes and passwords to the firm's computer network systems. These systems are accessible at all times by the firm and the Office Manager will maintain a complete list of access codes and passwords in a secured place. Employees are prohibited from the unauthorized use of the access codes and passwords belonging to other employees.

Confidentiality

All of the documents and records relating to clients are the property and proprietary interest of Scott A. Goffstein & Associates, LLP, to the extent it is consistent with applicable laws. All original documents are the property of the client and should be returned to the client upon request. The firm's documents and records relating to its clients are confidential and may not be disclosed without express written permission from the client or unless required by law. All employees of the firm must ensure that privacy will be maintained for client information. In consideration of the firm's size and complexity, the nature and scope of the professional services we render to our clients, and the sensitivity of the information we collect, the firm has determined that compliance with this policy appears to satisfy the current regulatory requirements under the Federal Trade Commission Safeguards Rule.

Destruction of Records

The Office Manager has the responsibility for ensuring compliance with this policy for the destruction of records, files and electronic data. It is the firm's policy that all engagement letters issued on or after the effective date of this policy should contain language regarding the firm's applicable record retention periods.

The firm will conduct on an annual basis an inventory of all records, files and electronic data subject to destruction based on the recommended retention periods outlined in the attached Exhibit A. The Office Manager will review this list with the Managing Partner, Scott A. Goffstein, for approval prior to the actual destruction of such records. Document destruction services are performed by Iron Mountain Incorporated under separate agreement.

IMPORTANT NOTICE TO ALL EMPLOYEES

Under NO CIRCUMSTANCES will any records, files or electronic data be destroyed, regardless of the retention periods identified in this policy, if there is any pending regulatory investigation, disciplinary action, legal action, or if the firm has any knowledge of the intent by a regulatory agency to launch an inquiry or knowledge of a potential legal claim.

Exhbit A

Recommended Record Retention Periods for
Documents Related to Accounting Services

Description of Records Recommended Record Retention Period**
Audit/Review/Compilation working papers* 7 years
Audit/Review/Compilation Statements and Reports Permanent
Tax Return work papers 7 years
Tax Returns Permanent***
Billing Files 7 years
Correspondence 7 years
Legal documents/contracts Permanent
Special Reports Permanent
All Other Services not specified above
 7 years

*Audit/Review/Compilation working papers are defined as those records which have been created, sent, or received with the audit, review, or compilation, as well as those which contain the conclusions, opinions, analyses, or financial data related to the review or compilation or, significant information that is inconsistent with the financial conclusions, opinions or analyses. See 17 C.F.R. § 210.2-06.

** These are minimum recommended periods of retention that comply with applicable federal and state law. Further, notwithstanding the recommended retention period set forth above, any claim for credit, abatement, or refund and any material relating, concerning, or referring to the subject of any pending or ongoing litigation MUST be kept until such matter is resolved. See Sarbanes-Oxley Act of 2002, sections 802 and 811; 820 CMR 62C.25.1(3); Treas. Reg. 1.6001-1.

***For tax years commencing after 1996, 7 years prior to that date.

EXHIBIT B

Sample Client Disclosure Language
Re: Third-Party Vendors

Unless you indicate otherwise, our firm may transmit confidential information you provided to us to third parties in order to facilitate the delivery of our services to you.

For example, such transmissions might include, but not be limited to: scanning of client records (whether electronic or hardcopy) by an outside, unaffiliated vendor; dissemination of client records to an outside, unaffiliated vendor for purposes of storage; destruction of client records (whether electronic or hardcopy) by an outside, unaffiliated vendor; or, use of an outside tax processing service to assist in preparing tax returns.

Please feel free to inquire if you would like additional information regarding the transmission of confidential information to entities outside the firm.

____ I/We do consent to the firm using third-parties, including outside processing services, when providing services to me/us.

____ I/We do not want your firm to use third-parties, including outside processing services, when providing services to me/us. I/We consent to the additional fees (charged at the firm's regular hourly rates), which may arise.

Signature: ______________________________ Date: _________________

[Additional section to use if confidential information will be transmitted outside the United States.]

Additionally, some of the transmissions of confidential information described above may be to persons or entities outside the United States.

____ I/We do consent to the transmissions of confidential information to persons or entities outside the United States in order to facilitate your firm providing me/us services.

____ I/We do not consent to the transmissions of confidential information to persons or entities outside the United States in order to facilitate your firm providing me/us services. I/We consent to the additional fees (charged at the firm's regular hourly rates), which may arise.

Signature: ______________________________ Date: _________________

Return to Top

 



© Copyright 2002-2010.   All Rights Reserved.   Scott A. Goffstein & Associates, LLP