HR Block 2012 Annual Report Download - page 23

Download and view the complete annual report

Please find page 23 of the 2012 HR Block annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 110

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110

parties. In addition, some of our products and services are internet-based and we store a large amount of data
for our users on our servers, including personal information. We and our vendors use commercially available
security technologies to protect transactions and personal information. We use security and business controls
to limit access and use of personal information. However, individuals or third parties may be able to circumvent
these security and business measures, and errors in the storage, use or transmission of personal information
may result in a breach of client or employee privacy or theft of assets, which may require notification under
applicable data privacy regulations. We employ contractors and temporary employees who may have access to
the personal information of clients and employees or who may execute transactions in the normal course of
their duties. While we conduct background checks and limit access to systems and data, it is possible that one
or more of these controls could be circumvented, resulting in a security breach.
We are subject to laws, rules and regulations relating to the collection, use, disclosure and security of
consumer financial information, which have drawn increased attention from federal and state governments. The
IRS imposes various prohibitions on the use or disclosure by tax return preparers of taxpayers’ information
without the prior written consent of the taxpayer. In addition, other regulations require financial service
providers to adopt and disclose consumer privacy policies and provide consumers with a reasonable
opportunity to “opt-out” of having personal information disclosed to unaffiliated third-parties. New laws in this
area have been passed by several jurisdictions, and other jurisdictions are considering imposing additional
restrictions. These new laws may be interpreted and applied inconsistently from jurisdiction to jurisdiction and
our current data protection policies and practices may not be consistent with those interpretations and
applications. In addition, changes in these federal and state regulatory requirements could result in more
stringent requirements and could result in a need to change business practices, including how information is
disclosed. Establishing systems and processes to achieve compliance with these new requirements may
increase costs and/or limit our ability to pursue certain business opportunities.
A major breach of our security measures or those of third parties that execute transactions or hold and
manage personal information may have serious negative consequences for our businesses, including reduced
client demand for our services, harm to our reputation and brands, possible fines, penalties and damages,
further regulation and oversight by federal or state agencies, and loss of our ability to provide financial
transaction services or accept and process client credit card orders or tax returns. From time to time, we
detect, or receive notices from clients or public or private agencies that they have detected, vulnerabilities in
our servers, our software or third-party software components that are distributed with our products. The
existence of vulnerabilities, even if they do not result in a security breach, may harm client confidence and
require substantial resources to address, and we may not be able to discover or remediate such security
vulnerabilities before they are exploited. Although we have commercially available network and application
security, internal control measures, and physical security procedures to safeguard our systems, there can be no
assurance that a security breach, intrusion, loss or theft of personal information will not occur, which may harm
our business, client reputation and future financial results and may require us to expend significant resources to
address these problems, including notification under data privacy regulations.
Security concerns may adversely affect our online financial services that we provide to our
clients, and vulnerability of our clients’ computers and mobile devices could lead to losses
related to identity theft or other fraud and harm our reputation and financial performance.
We offer a range of services to our clients online, including digital and assisted tax services and banking
services provided by HRB Bank. A significant requirement of providing online financial transactions is the
secure transmission of confidential information over public networks. The systems we use rely on encryption
and authentication technology to provide secure transmission of confidential information. Advances in
computer capabilities, new discoveries in the field of cryptography or other developments could result in a
compromise or breach of the algorithms used to protect client transaction data. If we, or another provider of
financial services through the internet, were to suffer damage from a security breach, public acceptance and use
of the internet as a medium for financial transactions could suffer. In addition, our clients may access our online
tax services from their computers and mobile devices, install and use our H&R Block At Home
TM
tax
preparation software on their computers, and access online banking services from their computers and mobile
devices. Because our business model relies on our clients’ use of their own personal computers, mobile devices
and the internet, computer viruses and other attacks on our clients’ personal computer systems and mobile
devices could create losses for our clients even without any breach in the security of our systems, and could
thereby harm our business and our reputation. Any security breach could deter potential clients or cause
H&R BLOCK 2012 Form 10K
9