
Module S1 — §7216-defensible AI setup

The operational walkthrough between the §7216 article and the consent generator — vendor selection, DPA acquisition, audit-trail setup, engagement-letter rider, and the client briefing. Thirty minutes to permanent §7216 defensibility.

AI Tax Practitioner Editorial

Published · 14 min read · Last reviewed

The 30-second version. Every CLEAN vendor in the §7216 vendor matrix is one signed consent + one DPA away from compliant. The article tells you why; the consent generator tool drafts the consent in three minutes. This module walks the rest: how to acquire the DPA from the vendor, where to log the audit trail, what to put in the engagement letter for business returns, and what to say to the client who asks “why am I signing this.” Thirty minutes of operator time. Permanent §7216 defensibility for the firm.

What this module assumes

You have already either:

  • Read the §7216 AI consent article, or
  • Know that §7216 is criminal, that pasting client tax-return information into an LLM is a disclosure, and that the auxiliary-service exception in §301.7216-2(d) almost certainly does not cover generative AI.

If neither is true: read the article first. This module is the do-this layer; the article is the why-this layer.

The Monday-morning sequence (30 minutes to first defensible setup)

Numbered steps. Time estimates are for a sole practitioner working alone with no prior vendor relationship. A firm with an existing vendor relationship can skip Step 2.

Step 1 — Pick the CLEAN vendor that fits your firm (5 minutes)

The article publishes the vendor compliance matrix sorted into CLEAN vs DIRTY tiers. The matrix lists 17 CLEAN vendors. Most practitioners do not need 17. Most need one or two, picked against three filters. Use Artifact 1 — Vendor selection decision tree below.

The decision tree maps four practitioner profiles to a recommended primary vendor:

  • Solo, price-sensitive, mostly 1040s: ChatGPT Team (~$360/yr) or Microsoft 365 Copilot ($30/user/mo + M365 base). Both general-purpose. ChatGPT Team if you don’t already pay for M365. Copilot if you do.
  • Solo, tax-research-heavy, year-round work (EA representation): Blue J ($1,198/yr) or TaxGPT Pro ($1,600-$2,000/yr). Both tax-specific with primary-authority citations. Blue J’s research depth tends to win on regulatory queries; TaxGPT Pro tends to win on practical workflow drafting.
  • Solo CPA, mid-complexity book: ChatGPT Team for drafting + summarization + Blue J for research. Two named vendors, two consents, ~$1,560/yr combined. The two-tool stack is the realistic shape of a defensible solo workflow.
  • Small firm with K-1-heavy book (5-20 staff): ChatGPT Team firm-wide + Blue J for senior preparers + GruntWorx K-1 ADVANCED (pay-per-return, Drake-owned) or K1x (independent) for K-1 extraction. Three named vendors, three consents.

Don’t:

  • Don’t pick a DIRTY vendor (ChatGPT Plus, Claude Pro, free Gemini, consumer Perplexity) and try to make it work with a consent. The auxiliary-service exception fails on data-residency alone — consent doesn’t fix that.
  • Don’t pick a CLEAN vendor without confirming SOC 2 Type II in the vendor’s current Trust Center / docs page before you sign. Some CLEAN vendors are Type I only, and a vendor’s status may have changed since the matrix was published.
  • Don’t bundle vendors in a single consent (“various AI tools”). Each vendor needs its own consent line.

Step 2 — Acquire the DPA from each CLEAN vendor (15-30 minutes per vendor, async, can run in parallel)

The CLEAN tier means the vendor offers a Data Processing Addendum. Offering it is not the same as having one signed on file. You need the signed one. Use Artifact 2 — DPA acquisition email scripts below.

The artifact contains five email templates: to ChatGPT Team/Enterprise, to Anthropic, to Blue J, to Microsoft 365 Copilot, and a generic CLEAN-tier request for any vendor not covered by the first four. Each script names the specific document to request, the specific clauses to verify in the returned doc (no-training, US data residency, deletion timeline, breach notification SLA), and the expected response time. Most CLEAN-tier vendors return a signed DPA within 2-5 business days.

File the signed DPA in your WISP folder (Written Information Security Plan — the Gramm-Leach-Bliley §501(b) document your firm should already maintain). The DPA lives there alongside the §7216 consents.

Step 3 — Generate and sign the consent (3 minutes)

Use the §7216 consent generator. Inputs: the vendors you confirmed CLEAN in Step 1; the client’s filing jurisdiction (Federal only, or with California / New York overlay); the use mode (1040 individual — separate document required; business — may be embedded in engagement letter).

The tool stitches the Rev. Proc. 2013-14 §5.04 mandatory language verbatim, names the specific vendor(s), and outputs as text / Word / PDF. Export the Word version for client signature.

For business returns, you have an alternative path: skip the consent document and use Artifact 4 — Engagement letter rider below. §301.7216-3(a)(3)(iii) permits this for non-1040 returns.

Step 4 — Set up the audit trail (5 minutes one-time, ~2 minutes per AI use thereafter)

Per §301.7216-2 audit-trail expectations plus the §10.22 due-diligence reflex, every AI use against client tax-return information gets logged. This is not a regulatory requirement in itself; it is an audit-defense and Circular 230 review-trail discipline. Use Artifact 3 — Audit-trail log template below.

The template is a spreadsheet structure with columns for date, client, engagement ID, vendor, use type, prompt summary, output-kept flag, reviewer initials, and notes. The header tab carries the consent expiry date and a quarterly review-prompt reminder.

Practitioners with a TaxDome / Canopy / Karbon practice-management setup may prefer logging within their PM system. Both approaches are defensible. The spreadsheet approach is faster to set up and is independent of any one firm’s tooling.

Step 5 — Brief the client (one minute per client, on the engagement-letter call)

When the client asks “why am I signing this AI thing?” — and they will, roughly half the time according to practitioner reports — the right answer takes 30 seconds and respects them. Use Artifact 5 — Client-facing FAQ below.

The artifact contains a two-paragraph practitioner-to-client explanation, plus three drop-in answers for the three most-asked client questions: “Why am I being asked to sign this?”, “What happens to my data?”, and “Is this required?” The answers respect the client’s intelligence and are honest about what the consent does and does not do.

Step 6 — Set the renewal trigger (2 minutes)

Consent default per §301.7216-3(b)(5): one year from signature. Sign January 15, 2026 → expires January 15, 2027.

Two operational moves:

  • In your calendar: set a recurring task 30 days before each consent’s anniversary — “Reissue §7216 AI-vendor consent for [client].”
  • In the firm-level review file: the WISP folder gets an annual review on the same anniversary — re-check each CLEAN vendor’s current SOC 2 status, current DPA terms, current Trust Center disclosures. Vendors move; what was Type II in 2026 may be Type I in 2027.

That’s the setup. Six steps. The first three are the binary defensibility move; steps 4-6 are the operational discipline that keeps the defense holding under audit.

Artifact 1 — Vendor selection decision tree

Single page. Print it or keep it open in a browser tab during Step 1.

                    Are you a sole practitioner?
                              |
              +---------------+---------------+
              | YES                            | NO (firm of 2-20)
              v                                v
   What's your work mix?              Are >50% of your team
              |                       on Drake or non-credentialed?
   +----------+----------+                    |
   |          |          |              +-----+-----+
   |          |          |              | YES        | NO
   v          v          v              v            v
Mostly      Mostly    Tax research /    Drake/AFSP   CPA-heavy
1040s       1040s     representation    firm         firm
+ M365      no M365   year-round
exists?                                 ChatGPT      ChatGPT Team
   |          |          |              Team +       firm-wide
   v          v          v              GruntWorx    + Blue J for
M365         ChatGPT    Blue J or       K-1 ADV      seniors +
Copilot      Team       TaxGPT Pro      pay-per-     K1x or
($30/seat    ($30/seat  (~$1,200 -      return       GruntWorx
+ M365)      annual)    $2,000/yr)                   K-1 ADV

Notes:

  • M365 Copilot vs ChatGPT Team. Both CLEAN. If your firm already pays for M365 Business / Enterprise, Copilot is the lower-friction add (one billing, one DPA — the existing Microsoft EDP). If you don’t pay for M365 already, ChatGPT Team is cheaper than adding M365 base + Copilot.
  • Blue J vs TaxGPT Pro. Both CLEAN. Blue J’s tax-research depth wins for section-level regulatory queries; TaxGPT Pro’s drafting and workflow integration wins for practical tasks. Solo EAs doing representation work — Blue J. Solo CPAs doing planning + research — either; trial both and pick the one the daily workflow likes.
  • Why no Hive Tax in the tree? Hive Tax is CLEAN but the Tax Return Analysis tool runs zero-storage (no record of what was processed). Defensibility-wise it’s strong, but the audit-trail discipline in Step 4 wants a vendor that retains some record. Hive Tax is a fine secondary tool.
  • Why no CoCounsel? CLEAN but enterprise-priced (~$3,400/user/yr). Right for mid-firms and up; not in the solo tree.
  • Anti-pattern: Don’t pick more than two general-purpose CLEAN vendors at a time. Pick one general-purpose tool plus one optional tax-specific tool. Two is the sweet spot.

Artifact 2 — DPA acquisition email scripts

Five templates. Send from wherever your firm’s compliance correspondence lives.

Template A — OpenAI (ChatGPT Team / Enterprise / API)

Subject: Tax-practice DPA + ZDR addendum request — [Firm name], OpenAI account [ID]

Hi OpenAI Trust team,

I'm a US tax practitioner running [Firm name]. We've subscribed to ChatGPT [Team / Enterprise] under account ID [your-account-ID] and use it for tax-return preparation work involving client tax return information protected under IRC Section 7216.

Could you send us:
1. The current Data Processing Addendum (DPA) for our subscription tier, executed copy if available
2. The Zero Data Retention (ZDR) addendum if applicable to our tier
3. Your current SOC 2 Type II report or the most recent Trust Report
4. A written confirmation that prompts and outputs are not used to train foundation models for our subscription tier

We're filing these in our firm's WISP and Section 7216 audit-trail records.

Thanks,
[Your name + title]

Expected response time: 2-5 business days. ChatGPT Team customers receive the DPA on request; Enterprise customers usually have it pre-attached at contract signing.

Template B — Anthropic (Claude Team / Enterprise / API)

Subject: Tax-practice DPA request — [Firm name], Claude Team subscription

Hi Anthropic Trust team,

[Firm name] runs a US tax practice subscribed to Claude [Team / Enterprise]. We use Claude for drafting, summarization, and research against work that includes client tax return information protected under IRC Section 7216.

Could you send us:
1. The current Claude Team / Enterprise DPA, executed copy if available
2. Your current ISO 42001:2023 certification + SOC 2 Type II report
3. Written confirmation that customer content is not used to train models
4. The current log-retention policy (we understand it's ~7 days for API; please confirm for Team / Enterprise)

Thanks,
[Your name + title]

Expected response time: 2-5 business days.

Template C — Blue J

Subject: Section 7216 compliance package — [Firm name] subscription inquiry / renewal

Hi Blue J team,

[I'm a current Blue J subscriber / I'm evaluating Blue J for a US tax practice]. I'm working through the Section 7216 setup for AI-vendor use against client tax return information.

Could you send the Section 7216 compliance package — typically:
1. The Data Processing Addendum
2. Your US-only AWS region confirmation + the 24-hour file auto-deletion policy
3. The supplementary no-training contracts with OpenAI and Google (where Blue J's research uses them)
4. The current SOC 2 report

Thanks,
[Your name + title]

Blue J typically packages all four in a single PDF labeled “Section 7216 Compliance Package” or similar. They ship it as part of standard sales — if you didn’t receive it at subscription, ask.

Template D — Microsoft 365 Copilot

Subject: Copilot DPA scope confirmation for tax-practice use — [Firm name]

Hi Microsoft 365 Trust team,

[Firm name] runs a US tax practice on Microsoft 365 [Business Standard / Business Premium / E3 / E5]. We've added Microsoft 365 Copilot to our tenant and use it against documents that include client tax return information protected under IRC Section 7216.

Could you confirm in writing:
1. That Copilot prompts and responses are not used to train Microsoft's foundation models, per the existing Enterprise Data Protection (EDP) terms applicable to our tenant
2. That data residency for our Copilot use sits within the data-region of our M365 tenant (please confirm the region)
3. That the existing M365 DPA covers Copilot use, or whether a Copilot-specific addendum exists
4. The current SOC 2 Type II report for Copilot

Thanks,
[Your name + title]

Microsoft’s response usually points to the existing tenant-level Online Services DPA + the Product Terms that already cover Copilot. Get the pointer in writing.

Template E — Generic CLEAN-tier vendor (TaxGPT Pro / Hive Tax / Juno / Filed / K1x / etc.)

Subject: Section 7216 documentation request — [Firm name] subscription

Hi [Vendor] team,

[Firm name] is a US tax practitioner [evaluating / currently subscribed to] [Product]. I'm working through the Section 7216 setup for AI-vendor use against client tax return information.

Could you send:
1. The current Data Processing Addendum (executed copy if available)
2. Your most recent SOC 2 Type II report (or Type I + roadmap if Type II is in progress)
3. Written confirmation: (a) US data residency, (b) prompts/outputs not used to train models, (c) deletion timeline for stored prompts and outputs, (d) breach-notification SLA
4. Any Section 7216-specific consent language template your team has developed for customer use

We're filing these in our firm's WISP and Section 7216 audit-trail records.

Thanks,
[Your name + title]

These items are the minimum kit. Vendors that respond with all of them signal a mature compliance posture; vendors that respond with “we’re SOC 2 compliant” without producing the document signal a posture not yet built.

Artifact 3 — Audit-trail log template

Spreadsheet structure. Set up once; logs go in row-by-row.

Tab 1 — Active consents on file

Client (last name) | Engagement ID | Vendor(s) named in consent | Consent signed date | Consent expires | State overlay (CA/NY/none) | Doc location (WISP/PM)
------------------ | ------------- | -------------------------- | ------------------- | --------------- | ------------------------- | ----------------------
Anderson | 2026-1040-001 | ChatGPT Team, Blue J | 2026-01-15 | 2027-01-15 | none | WISP/2026/Anderson/
Brown | 2026-1120S-007 | ChatGPT Team | 2026-02-08 | (engagement-letter rider) | none | EL rider — Brown 1120-S

Tab 2 — Use log (every AI session against client tax-return information)

Date | Client | Engagement ID | Vendor used | Use type | Prompt summary (15 words max) | Output kept? | Reviewer initials | Notes
---- | ------ | ------------- | ----------- | -------- | ----------------------------- | ------------ | ----------------- | -----
2026-03-04 | Anderson | 2026-1040-001 | Blue J | Tax research | Section 469(c)(7) REP-status hour test under OBBBA | Y | DT | Saved to research/
2026-03-04 | Anderson | 2026-1040-001 | ChatGPT Team | Drafting | Client letter explaining REP eligibility | Y | DT | Saved to correspondence/

Tab 3 — Annual review calendar (auto-populated from Tab 1)

Consent expires | Client | Action due 30 days before | Reviewer | Done?
--------------- | ------ | ------------------------- | -------- | -----
2026-12-15 | Smith | Reissue consent for 2027 cycle | [Initials] | [ ]
2027-01-15 | Anderson | Reissue consent for 2027 cycle | [Initials] | [ ]

Why this structure: Tab 1 answers “who’s signed what, for which vendors, when does it expire” — the first question a §7216 examiner would ask. Tab 2 answers “for which client and which prompt did you use which vendor” — the §10.22 due-diligence trail. Tab 3 keeps consents from lapsing silently mid-cycle.

A copy of the prompt itself does not need to be retained — the “prompt summary, 15 words max” column is enough for audit-defense. Storing the full prompt creates a separate problem: prompts contain tax-return information. Don’t store tax-return information in your log; store the metadata.
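The following is an added worked check over the Tab 1 / Tab 2 / Tab 3 structure above and the Step 6 renewal trigger; it is example code, not from this page or the consent generator tool. It parses constructed rows mirroring the template, flags any use not covered by a consent that names that vendor for that client on the date of use (so a use dated before signature, which the FAQ’s non-retroactivity rule cannot cure, is flagged), enforces the 15-word summary limit, applies an assumed SSN/EIN-shaped pattern as a crude check that tax-return information has not leaked into the log, and derives the Tab 3 renewal dates 30 days before expiry, treating a rider row with no expiry as one year from signature.

```python
import csv
import io
import re
from datetime import date, timedelta

# Constructed Tab 1 rows; Brown's rider row has a blank expiry, as in the template.
TAB1_CONSENTS = """client,engagement_id,vendors,signed,expires
Anderson,2026-1040-001,"ChatGPT Team, Blue J",2026-01-15,2027-01-15
Brown,2026-1120S-007,ChatGPT Team,2026-02-08,
Carter,2026-1040-012,Blue J,2026-03-01,2027-03-01
"""
# Constructed Tab 2 rows: two clean Anderson uses, a Carter use of a vendor no
# consent names (with an over-long summary), and a Brown use before signature.
TAB2_USES = """date,client,engagement_id,vendor,use_type,prompt_summary
2026-03-04,Anderson,2026-1040-001,Blue J,Tax research,Section 469(c)(7) REP-status hour test under OBBBA
2026-03-04,Anderson,2026-1040-001,ChatGPT Team,Drafting,Client letter explaining REP eligibility
2026-03-20,Carter,2026-1040-012,TaxGPT Pro,Drafting,Draft a penalty abatement letter for the client requesting first-time abatement of the late filing penalty
2026-02-01,Brown,2026-1120S-007,ChatGPT Team,Summarization,Summarize K-1 footnotes for the 1120-S reviewer
"""

RENEWAL_LEAD = timedelta(days=30)  # Tab 3: action due 30 days before expiry
MAX_SUMMARY_WORDS = 15             # Tab 2: prompt summary, 15 words max
# Assumed heuristic for tax-return information leaking into the log: an
# SSN- or EIN-shaped digit run in the summary. The log holds metadata only.
TIN_PATTERN = re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b|\b\d{2}-\d{7}\b")


def load_consents(text):
    """Parse Tab 1; a blank expiry defaults to one year from signature."""
    out = []
    for row in csv.DictReader(io.StringIO(text)):
        signed = date.fromisoformat(row["signed"])
        expires = (date.fromisoformat(row["expires"]) if row["expires"]
                   else signed.replace(year=signed.year + 1))
        out.append({"client": row["client"], "signed": signed, "expires": expires,
                    "vendors": {v.strip() for v in row["vendors"].split(",")}})
    return out


def consent_covers(consents, use):
    """True only if a consent for this client named the vendor on the use
    date; a use before the signature date is retroactive, so not covered."""
    used = date.fromisoformat(use["date"])
    return any(c["client"] == use["client"] and use["vendor"] in c["vendors"]
               and c["signed"] <= used <= c["expires"] for c in consents)


def check_use_log(consents, text):
    """One finding string per defective Tab 2 row; an empty list means clean."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        tag = f"{row['date']} {row['client']} / {row['vendor']}"
        if not consent_covers(consents, row):
            findings.append(f"{tag}: no active consent names this vendor on that date")
        if len(row["prompt_summary"].split()) > MAX_SUMMARY_WORDS:
            findings.append(f"{tag}: prompt summary over {MAX_SUMMARY_WORDS} words")
        if TIN_PATTERN.search(row["prompt_summary"]):
            findings.append(f"{tag}: summary holds an SSN/EIN-shaped value; scrub it")
    return findings


def renewal_calendar(consents):
    """Tab 3 rows as (action-due date, client, expiry), earliest first."""
    return sorted((c["expires"] - RENEWAL_LEAD, c["client"], c["expires"])
                  for c in consents)


if __name__ == "__main__":
    consents = load_consents(TAB1_CONSENTS)
    print(*check_use_log(consents, TAB2_USES), *renewal_calendar(consents), sep="\n")
```

Run against the constructed rows it reports three findings (Carter’s unnamed vendor, Carter’s over-long summary, Brown’s pre-signature use) and lists Anderson, Brown and Carter renewal dates in that order.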

Artifact 4 — Engagement letter rider (for business returns)

§301.7216-3(a)(3)(iii) permits non-1040 returns (1120, 1120-S, 1065, 1041) to embed §7216 consent in the engagement letter. Drop-in rider language:

AI Service Provider Disclosure

In preparing your tax return, our firm may use the following AI service
providers to perform specific functions: [name vendor 1, e.g. OpenAI
ChatGPT Team / Enterprise, for drafting and document summarization],
[name vendor 2, e.g. Blue J Inc., for tax research and primary-authority
retrieval], and [name vendor 3 if applicable].

Each of these providers has signed a Data Processing Addendum with our firm
requiring that your tax return information not be used to train AI models, be
stored only in the United States, and be deleted within a specified period.
Each provider holds SOC 2 [Type I / Type II] certification, which we
re-verify annually.

Federal law requires that this disclosure be provided to you. Unless
authorized by law, we cannot disclose your tax return information to third
parties for purposes other than the preparation and filing of your tax return
without your consent.

If you consent to the disclosure of your tax return information, Federal law
may not protect your tax return information from further use or distribution.
You are not required to consent. If you have specific concerns about any of
the listed AI service providers, please notify our firm before we begin work
and we will adjust our preparation workflow accordingly.

Some AI services may make errors. Our firm's responsibility for the accuracy
of your return is not diminished by use of these tools.

If you believe your tax return information has been disclosed or used
improperly in a manner unauthorized by law or without your consent, you may
contact the Treasury Inspector General for Tax Administration (TIGTA) at
1-800-366-4484 or at complaints@tigta.treas.gov.

Your signature on the engagement letter below constitutes your knowing,
voluntary, and written consent to the disclosure described above, effective
on the date of signature and valid for one year unless otherwise specified.

Notes:

  • Use this rider ONLY for non-1040 returns. 1040 returns require a separate consent document — the rider path does not work for individual returns. The consent generator tool produces the separate 1040 consent.
  • The “valid for one year” clause matches the §301.7216-3(b)(5) default. If you want a different duration, name the period explicitly.
  • For multi-state engagements, append the relevant state rider language (CA Business and Professions Code §17530.5; NY Tax Law §32). The consent generator produces these state riders.
  • The rider must NAME the specific vendor(s). “Various AI tools” without a named list fails the specificity requirement.

Artifact 5 — Client-facing FAQ

Three drop-in answers for the three questions clients most often ask when they see the consent. Use as scripted answers on a discovery call, in a portal message, or paraphrased in the engagement-letter cover note.

“Why am I being asked to sign this?”

Federal law (IRC Section 7216) requires that we get your written permission before we share your tax return information with any third-party software or service that helps us prepare your return. AI tools count. We use named AI tools to speed up research and drafting, and the federal rule requires us to name those tools to you, explain what they do with your data, and get your signature. The signature protects you — and it protects us. The consent is one page, signed once per year per tool.

“What happens to my data?”

Three things, in this order. First, your data is sent to the specific AI tool we named in the consent. We use it for a defined purpose — drafting, summarizing, or researching tax law. Second, the AI vendor processes it under a signed Data Processing Addendum with our firm that requires four things: your data is not used to train the vendor’s AI models, your data stays in the United States, your data is deleted within a defined period, and the vendor has been independently audited (SOC 2) for security. Third, we keep an internal log of when we used the tool for your return, what we asked it, and whether we kept what it produced. We sign off on every output before it goes into your return.

“Is this required? Can I refuse?”

The consent is voluntary. You can refuse and we will prepare your return without using any of the named AI tools — it costs us a bit more time per return, but it is your right and we will respect it. If you refuse, we’ll adjust our preparation workflow and let you know if anything changes about timing or fee. There’s no penalty for refusing. The only thing that’s not optional is the federal law that requires us to ask.

FAQ

What if I’m already using a CLEAN vendor but haven’t gotten the consents signed?

Stop using it against client tax-return information until the consent is in place. Per §301.7216-3(b)(1), consent cannot be retroactive. The disclosures you’ve already made are technically violations (the rate of §7216 violation across the practitioner population is plausibly 30-50% — you are not alone — but the path forward is to stop, not to backfill). Get the consents signed now and resume with the consent on file.

Do I need a new consent every year?

By default, yes — §301.7216-3(b)(5) sets one year as the default duration. You can write a longer duration into the consent itself; the cleaner position is to renew annually so the vendor list stays current. The annual review (Step 6) is the operational discipline this hinges on.

What about a vendor that changes hands or gets acquired?

Issue a new consent. The DPA you have is between your firm and the prior vendor entity; acquisitions transfer assets but DPAs sometimes don’t survive intact. Re-acquire the DPA from the new entity using Template E.

What if I want to use a vendor not in the matrix?

Don’t, until you’ve vetted it against the four CLEAN-tier requirements: SOC 2 (Type II preferred), signed DPA, US data residency, no-train clause. If it passes all four, use it. Template E gets you the documentation in a week. If it fails any one, treat it as DIRTY.

What about the §10.22 review trail — does this module cover that?

Partially. The audit-trail log (Artifact 3) is the §7216 + §10.22 intersection. The deeper §10.22 review-trail layer — the pre-Form-8879 anomaly-review pass — sits in Module S3 (Pre-signature anomaly review), which pairs with the Circular 230 + AI article. Run S1 first; S3 next.


If you’d rather have the §7216 setup, the vendor evaluation, the DPA acquisition, and the firm-wide audit-trail rollout done for you instead of doing it yourself: Tunderman, the publisher of this site, does AI implementation for tax practices. Typical engagement: 1-3 weeks for a solo / small-firm setup, scaling with firm size and stack depth. Reach us at editorial@aitaxpractitioner.com.