Did not mean to imply ANY ONE BANK. My husband has worked for all of the big banks--not just BOA. The problem is there are dishonest people who get hired in every large organizations. Banks just happen to be one of them. We have been fighting Identity Theft for 4 years now when Chase Bank was breached. Yes, a bank was breached because an employee did not do their job. A criminal? Probably not, but my son, husband and I have had to fight credit cards, cell phone contracts, apartments rented, utility companies, cable companies, etc. where a professional ID theft opened accounts in our names without our knowledge. We live in Houston. Accounts in NY, Dallas, etc. were opened--but not Houston. This common according to my husband who worked in account fraud. Problem is tax returns are used for mortgages, insurance policies, etc. Lots of people have access to these returns. I do not give anyone my PTIN and I eliminate the 8879 from the tax return to help eliminate the risk that my numbers will be used to file fraudulent tax returns. Circular 230 has stinging details about "due diligence" to protect SSN, client info, and for preparers to have a WRITTEN PLAN to guard SSNs, PTIN, and EFIN data. This is part of my written plan.