Target Dates Have Not Been Established to Eliminate or Reduce Taxpayer Social Security Numbers From Outgoing Correspondence
August 13, 2010
Reference Number: 2010-40-098
This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.
Phone Number | 202-622-6500
Email Address | inquiries@tigta.treas.gov
Web Site | http://www.tigta.gov
HIGHLIGHTS
Final Report issued on August 13, 2010
Highlights of Reference Number: 2010-40-098 to the Internal Revenue Service Deputy Commissioner for Operations Support.
IMPACT ON TAXPAYERS
More than 130 million taxpayers entrust the Internal Revenue Service (IRS) with sensitive financial and personal data, much of it on paper documents requiring protection. Taxpayers need to be assured that the IRS is taking every precaution to protect their private information from inadvertent disclosure.
WHY TIGTA DID THE AUDIT
This audit was initiated because the Social Security Number is now a vital piece of information needed to function in American society to pay taxes, obtain a driver’s license, or open a bank account, among other things. Identity theft affects tax administration when an individual intentionally uses the Social Security Number of another person to file a false tax return or fraudulently obtain employment. Another person’s Social Security Number is the most valuable tool an identity thief can obtain to commit financial fraud, and the Social Security Number becomes even more valuable if it is linked to other personal data of the Social Security Number owner, such as information required to prepare a tax return. TIGTA conducted this audit to determine whether the IRS is efficiently eliminating the unnecessary collection and use of taxpayer Social Security Numbers.
WHAT TIGTA FOUND
In response to Office of Management and Budget Memorandum 07-16, the IRS developed and is implementing its Social Security Number Elimination and Reduction (SSN ER) Plan. A majority of a sample of SSN ER Plan accomplishments could be validated. However, most of the supporting documentation had to be reassembled, and it was not clear if the IRS had validated the accomplishments before reporting them. Milestones for Phase 3 of the SSN ER Plan have not been established.
The IRS will not be eliminating or reducing the use of taxpayers’ Social Security Numbers in the immediate future. The IRS has many systems, notices, and forms that use Social Security Numbers which require significant analysis before Social Security Number use is eliminated or reduced. The IRS focused first on internal forms using Social Security Numbers and eliminating employees’ Social Security Numbers from its systems.
WHAT TIGTA RECOMMENDED
TIGTA recommended that the Deputy Commissioner for Operations Support maintain documentation to support major deliverables and key meetings so that it is readily available for examination. The Deputy Commissioner should also validate data received from the business units and all accomplishments to ensure all needed actions are complete, and refine and update the milestones for the SSN ER Plan to ensure timely progress of the strategy.
The IRS agreed with the recommendations. It created a dedicated SSN ER shared folder to maintain documentation related to major SSN ER Program deliverables and key meetings and will ensure specific report and source materials are readily available for examination. The SSN ER Program team has also identified a team member as the Records Historian. The IRS will implement a data validation process for all SSN ER Plan accomplishments to ensure all required actions are completed. Finally, the IRS will strengthen Program milestones by refining and updating milestones quarterly to ensure timely progress of Program strategies.
August 13, 2010
MEMORANDUM FOR DEPUTY COMMISSIONER FOR OPERATIONS SUPPORT
FROM: Michael R. Phillips /s/ Michael R. Phillips
Deputy Inspector General for Audit
SUBJECT: Final Audit Report – Target Dates Have Not Been Established to Eliminate or Reduce Taxpayer Social Security Numbers From Outgoing Correspondence (Audit # 200940040)
This report presents the results of our review to determine whether the Internal Revenue Service is efficiently eliminating the unnecessary collection and use of taxpayer Social Security Numbers. This audit was included in our Fiscal Year 2010 Annual Audit Plan and addresses the major management challenge of Taxpayer Protection and Rights.
Management’s complete response to the draft report is included as Appendix IV.
Copies of this report are also being sent to the Internal Revenue Service managers affected by the report recommendations. Please contact me at (202) 622-6510 if you have questions or Michael E. McKenney, Assistant Inspector General for Audit (Returns Processing and Account Services), at (202) 622-5916.
Appendices
Appendix I – Detailed Objective, Scope, and Methodology
Appendix II – Major Contributors to This Report
Appendix III – Report Distribution List
Appendix IV – Management’s Response to the Draft Report
Abbreviations
IRS | Internal Revenue Service
OMB | Office of Management and Budget
SSN ER | Social Security Number Elimination and Reduction
In February 2010, the Federal Trade Commission reported that identity theft was the number one consumer complaint category in Calendar Year 2009.[1] Identity theft occurs when someone uses Personally Identifiable Information, such as an individual’s name, Social Security Number, credit card numbers, or other account information, to commit fraud and other crimes. The Internal Revenue Service (IRS) Office of Privacy, Information Protection, and Data Security defines Personally Identifiable Information as any combination of information that can be used to uniquely identify, contact, or locate a person and could subsequently be used for identity theft.
More than 130 million taxpayers entrust the IRS with sensitive financial and personal data, much of it on paper documents requiring protection. For Calendar Year 2010,[2] the IRS mailed more than 42 million notices and letters to individual taxpayers for various reasons, including:
· More than 20.1 million balance due notices. Taxpayers with outstanding tax liabilities receive balance due notices informing them of their outstanding tax liabilities. Shown at right is a portion of a notice that the IRS mailed to a taxpayer.
· More than 2 million letters issued by the Automated Collection System.[3] For example, these are letters mailed to taxpayers advising them that a levy is being placed on their property or to confirm a taxpayer’s payment agreement to satisfy an outstanding tax liability.
· More than 9.7 million correspondence letters. Correspondence letters can request information from taxpayers or advise them of possible adjustments to their tax returns.
Most of these notices and letters include taxpayers’ Social Security Numbers because they require the taxpayer to respond to the IRS. Taxpayers need to be assured that the IRS is taking every precaution to protect their private information from inadvertent disclosure.
Although the Social Security Number was created as a means to track workers’ earnings and eligibility for Social Security benefits, it is now a vital piece of information needed to function in American society. Because of its unique nature and broad applicability, the Social Security Number has become the identifier of choice for public and private sector entities, and it is used for numerous non-Social Security purposes. Today,
Legislative Requirements
Two primary laws, the Privacy Act of 1974[4] and the E-Government Act of 2002,[5] give Federal agencies responsibilities for protecting Personally Identifiable Information, including ensuring its security. In addition, the Federal Information Security Management Act of 2002[6] requires agencies to develop, document, and implement agency-wide programs to provide security for their information and information systems (which include Personally Identifiable Information and the systems on which it resides).
The Office of Management and Budget (OMB) has also issued numerous memoranda to Federal agencies. On May 22, 2007, the OMB issued Memorandum 07-16 (M-07-16), “Safeguarding Against and Responding to the Breach of Personally Identifiable Information,” to the heads of executive departments and agencies requiring that:
Within 120 days from the date of this memo, agencies must establish a plan in which the agency will eliminate the unnecessary collection and use of social security numbers within eighteen months.
The memorandum requires agencies to review and reduce the volume of Personally Identifiable Information to the minimum necessary and reduce the use of Social Security Numbers. The memorandum emphasizes the need for proper privacy and security safeguards to protect Personally Identifiable Information in both electronic and paper-based formats.
This review was performed at the IRS National Headquarters
in
The Internal Revenue Service Has Implemented the Social Security Number Elimination and Reduction Plan
In response to OMB M-07-16, the IRS developed and is implementing its Social Security Number Elimination and Reduction (SSN ER) Plan. The Plan outlines the IRS’ implementation methodology, transition to new business practices, and the future state of the SSN ER Program.
The IRS submitted the first release of its SSN ER Plan to the Department of the Treasury in November 2007. To date, the IRS has provided three releases of its Plan to reduce or eliminate the use of Social Security Numbers to the Department of the Treasury for incorporation into the Department’s overall plan. The final release was submitted in February 2009.
The SSN ER Plan is broken down into three phases. The IRS is in Phase 2.
· Phase 1: Data Gathering and Inventory.
· Phase 2: Review Analysis and Identification of Solutions.
· Phase 3: Implementation and Compliance Management.
The SSN ER Plan methodology includes identifying opportunities to eliminate or reduce Social Security Number use, reducing IRS reliance on the Social Security Number, and replacing Social Security Numbers as identifiers. The transition to new business practices includes introducing new policies and procedures enterprise-wide to institutionalize the need to continuously reconsider Social Security Number use. These practices will be communicated internally to IRS employees as well as externally to taxpayers, agency partners, and stakeholders.
The IRS’ key message is to improve taxpayer service and reduce taxpayer burden by minimizing the use of Social Security Numbers and increasing information safeguards and awareness regarding agency use.
The future state of the SSN ER Program involves moving into compliance management. This includes implementing the SSN ER Plan, business unit progress tracking and reporting, monitoring adherence with internal policies and Federal Social Security Number requirements, and internal and external communication and awareness.
The IRS has also been an active participant in several work groups with the Department of the Treasury and other Federal agencies exploring ways to minimize or eliminate Social Security Number use.
The Internal Revenue Service Will Not Be Eliminating or Reducing the Use of Taxpayers’ Social Security Numbers in the Immediate Future
During Fiscal Year 2009, the IRS mailed 201 million notices (including letters) to taxpayers — most of which contained taxpayer Social Security Numbers. The IRS has many systems, notices, and forms that use taxpayer Social Security Numbers — all requiring significant analysis to determine if taxpayer Social Security Numbers are necessary or can be eliminated. The following have been identified that may contain taxpayer Social Security Numbers.
· More than 500 different computer systems.
· More than 6,000 types of internal and external forms.
· 20 categories of individual taxpayer notices (e.g., Adjustments, Balance Due, and Math Error), 155 notice types (e.g., Examination Adjustment Notice; Balance Due $5 or More, No Math Error; and Math Error, Overpayment of $1 or More). The IRS stated it has more than 800 letters and correspondence.
Since the IRS submitted its first release of the SSN ER Plan to the Department of the Treasury in the first quarter of Fiscal Year 2008, it has redacted or truncated taxpayers’ Social Security Numbers from only a small number of systems, notices, and forms.
· Transmittal Document (Form 3210) used when transferring taxpayer files between IRS functions and offices. The IRS now lists the last four digits of the taxpayer’s Social Security Number on the Form.
· Notices and letters associated with the economic stimulus payment[7] and Identity Theft Program.[8] The IRS developed the new notices and letters so that they would not require the taxpayer’s full Social Security Number.
· Integrated Data Retrieval System[9] command code used to verify taxpayer identities. This command code uses only the last 4 digits of the primary or secondary taxpayer’s Social Security Number, the first 10 characters of the last name (or less, if there are less than 10 characters in the last name), and the date of birth without the year to search for the matching name(s) and address(es). The taxpayer needs to provide only the last four digits of his or her Social Security Number.
Since the command code was made available to IRS employees, about 50,600 requests were made from October 27, 2009, through March 31, 2010. About 35,800 of the command code requests (71 percent) were successful.
In addition, the IRS issued Internal Revenue Bulletin 2009-51 that outlines a pilot program to truncate the Social Security Number on the printed copies of the U.S. Information Return series (Form 1099) and Mortgage Interest Statement (Form 1098).
The IRS focused first on internal forms and employee Social Security Numbers
The IRS stated that it focused first on internal forms using Social Security Numbers because it has more latitude to change the presentation of the data on the form if it does not leave the IRS. If it leaves the IRS, consideration must be given to the effect any changes will make on the receiving organization. The IRS has also focused on eliminating employees’ Social Security Numbers from its systems.
Systems and taxpayer correspondence containing taxpayer Social Security Numbers present complications because processes must also be analyzed and revised before reducing or eliminating taxpayer Social Security Numbers. This is because Social Security Numbers are used to associate correspondence and documents with taxpayer accounts.
In addition, before revising forms and notices, the IRS must first analyze the various options for eliminating or reducing the Social Security Numbers (e.g., eliminating or masking the Social Security Number, or using barcodes). The IRS began the lengthy process of analyzing the programming costs for the various systems in February 2009. Initial results of the analysis were provided in November 2009.
Controls need to be improved to ensure the IRS takes all necessary actions to reduce or eliminate the unnecessary use of Social Security Numbers
As the IRS moves forward to reduce and eliminate the use of taxpayer Social Security Numbers, it needs to improve internal controls to ensure all planned actions are appropriately and timely accomplished. The IRS needs to maintain a complete list of systems, notices, and forms with associated actions for monitoring purposes. It also needs to ensure milestones are established and updated when necessary.
The majority of the accomplishments in the SSN ER Plan could be validated but documentation needs to be improved
Release 3 of the SSN ER Plan includes 35 statements purporting Plan accomplishments. The IRS was able to support the majority of the nine Plan accomplishments tested. However, most of the supporting documents had to be reassembled.
In addition, it was unclear if the IRS had validated the accomplishments before reporting them. For example, the Plan stated that the IRS had implemented the use of a Standard Employee Identifier in lieu of the Social Security Number for one of the IRS’ major application systems. IRS officials also advised us that the option to sign into the system with a Social Security Number was to be removed by February 2010. Nevertheless, as of April 15, 2010, employees still had the ability to sign into the system using either a Social Security Number or a Standard Employee Identification Number.
Documentation was not adequately maintained to support and corroborate Plan accomplishments.
Because documentation was not adequately maintained, there was no support to corroborate the Plan’s accomplishments. Without validation, there is no assurance that all systems and forms using taxpayers’ Social Security Numbers are identified and reduced or eliminated. The inability to document or explain the steps taken to validate the accomplishments makes it difficult for the IRS to demonstrate why it may not be feasible to remove or reduce Social Security Numbers from systems and outgoing correspondence.
The SSN ER Program currently consists of only four employees. The SSN ER Program has experienced management and employee turnover during the development and implementation of the SSN ER Plan. Managers have been detailed to other assignments or taken other positions within the IRS. One analyst who reviewed data was a part-time employee. Finally, the current Program manager stated that the SSN ER Program does not have the level of resources needed to dedicate one person to validate data and accomplishments (i.e., ensure taxpayer Social Security Numbers have been eliminated or masked, or ensure support for not removing them has been evaluated and approved).
The Office of Privacy, Information Protection, and Data Security has also been developing an IRS‑wide Authentication Strategy. The Authentication Strategy promotes data protection and enables ease of access to maintain public confidence and improve customer service. The goals are to enhance an IRS-wide authentication internal control framework to address risk, deter fraudulent access, and institutionalize a common set of principles for authenticating taxpayers when contacting the IRS.
There are no target dates for decisions on whether taxpayers’ Social Security Numbers can be removed from notices and/or letters
Detailed Implementation and Compliance Management milestones have not been established. The SSN ER Plan provided a strategic roadmap that showed Ongoing Compliance Management beginning in Calendar Year 2011. However, milestones have not been updated since Release 3 of the SSN ER Plan or established for Phase 3 of the Plan, Implementation and Compliance Management. In addition, while the IRS has prepared draft outcome measures for the SSN ER Program related to forms and notices, it has not developed outcome measures related to its systems.
The IRS was using a tracking tool for each of the targeted SSN ER Plan areas (e.g., System Tracking Tool, a Correspondence Tracking Tool (tracks notices and letters), and a Forms Tracking Tool). Each tool was populated with inventory data (notices, letters, systems, etc.). After IRS offices responsible for the notices, letters, or systems decided if Social Security Numbers were essential or not essential, the tracking tools were updated. There were no target dates for any of the pending actions or decisions.
The IRS is creating an electronic SSN ER Program Compliance Management tool. The IRS stated this tool will eventually replace the need for the SSN ER Program tracking tools and spreadsheets. The new tool will allow for real-time updates and will assist the SSN ER Program team in its daily tracking of the ongoing Social Security Number mitigation progress. It will also allow the team to follow up on future SSN ER Plan compliance actions and provide progress reporting. However, the tool only tracks actions; it does not set milestones or expectations.
Internal controls should be designed to assure that ongoing monitoring occurs as the SSN ER Plan progresses. Monitoring should be performed continually and be ingrained in the operations. It includes regular management and supervisory activities, comparisons, reconciliations, and other actions people take in performing their duties. The key benefit to monitoring is that it helps assure project performance is observed and measured regularly to identify variances from the Plan. Without interim milestones, it is difficult to gauge the progress of the Plan.
Recommendations
The Deputy Commissioner for Operations Support should:
Recommendation 1: Maintain documentation to support major deliverables and key meetings so that it is readily available for examination.
Management’s Response: IRS management agreed with this recommendation. The IRS created a dedicated SSN ER shared folder to maintain documentation related to major SSN ER Program deliverables and key meetings and will ensure specific report and source materials are readily available for examination. The SSN ER Program team has also identified a team member as the Records Historian. The Records Historian will establish record retention standards, as needed, on documents not currently covered in a records control schedule.
Recommendation 2: Validate data received from the business units and all accomplishments to ensure all needed actions are complete.
Management’s Response: IRS management agreed with this recommendation. The IRS will implement a data validation process for all SSN ER Plan accomplishments to ensure all required actions are completed.
As part of this process, the IRS will leverage a current IRS application as an SSN ER Compliance Management Tool to track, monitor, and report ongoing SSN ER compliance progress throughout the enterprise. This Tool will house all SSN ER Program compliance data and establish an electronic case file for each system, notice, letter, and form that uses Social Security Numbers. This system is currently going through user acceptance testing and will be released by October 1, 2010.
Recommendation 3: Refine and update the milestones for the SSN ER Plan to ensure timely progress of the strategy.
Management’s Response: IRS management agreed with this recommendation. The IRS will strengthen Program milestones by refining and updating milestones quarterly to ensure timely progress of Program strategies.
The IRS SSN ER 2-D Barcode Project is currently producing documents and artifacts for Project Milestones 1 and 2 as defined by the Enterprise Life Cycle. The 2-D Barcode Project, one of the solutions for the SSN ER Plan, will encode the Social Security Number within a two-dimensional barcode on IRS notices and will also provide the necessary tools to read and identify taxpayers when they respond to IRS notices. The Project is scheduled to complete Milestones 1 and 2 by October 1, 2010. Additional milestone dates will be established at that time.
Appendix I
Detailed Objective, Scope, and Methodology
The overall objective of this review was to determine whether the IRS is efficiently eliminating the unnecessary collection and use of taxpayer Social Security Numbers. To accomplish our objective, we:
I. Determined the expectations of OMB Memorandum 07-16 (M-07-16), “Safeguarding Against and Responding to the Breach of Personally Identifiable Information,” and if the IRS met the Department of the Treasury (Treasury) and OMB expectations.
   A. Reviewed the IRS’ current plans and reports relating to OMB M-07-16.
   B. Determined Treasury’s evaluation and opinion/conclusion of the IRS’ submitted plans, efforts, and actions to eliminate the unnecessary use of Social Security Numbers by interviewing officials in the Treasury Office of Privacy and Treasury Records.
   C. Determined OMB’s evaluation and opinion/conclusion of the Treasury/IRS submitted plans, efforts, and actions to eliminate the unnecessary use of Social Security Numbers by interviewing officials in the OMB Office of Information and Regulatory Affairs.
II. Determined the accuracy of the 35 accomplishments cited in the IRS SSN ER Plan, Version 3.0, dated February 17, 2009.
   A. Met with IRS officials to discuss the process followed for validating the February 17, 2009, SSN ER Plan.
   B. Selected a judgmental sample of 9 accomplishments from the 35 accomplishment statements and identified the source information supporting the statements. We selected a judgmental sample because of the small population size (35) and to ensure we sampled accomplishments related to systems, notices, and forms.
   C. Reviewed the source documents and supporting documentation provided by the IRS to determine the accuracy of the Plan statements.
III. Determined if the universal population of IRS systems, notices, and forms appeared complete.
IV. Determined the process used to prioritize the Social Security Number inventory to immediately eliminate, replace, or mask the Social Security Number or to include in the enterprise-wide plan to seek an alternative method to safeguard the Social Security Numbers.
V. Identified delivery milestones and actions to be taken.
Internal controls methodology
Internal controls relate to management’s plans, methods, and procedures used to meet their mission, goals, and objectives. Internal controls include the processes and procedures for planning, organizing, directing, and controlling program operations. They include the systems for measuring, reporting, and monitoring program performance. We determined the following internal controls were relevant to our audit objective: Office of Privacy policies, procedures, and practices for implementing the SSN ER Plan. We evaluated these controls by interviewing management and employees and reviewing documentation to support the accomplishments and activities as outlined in the SSN ER Plan.
Appendix II
Major Contributors to This Report
Michael E. McKenney, Assistant Inspector General for Audit (Returns Processing and Account Services)
Augusta R. Cook, Director
Paula W. Johnson, Audit Manager
Lynn Faulkner, Lead Auditor
Geraldine Vaughn, Auditor
Appendix III
Commissioner C
Office of the Commissioner – Attn: Chief of Staff C
Deputy Commissioner for Services and Enforcement SE
Chief Technology Officer OS:CTO
Commissioner, Small Business/Self-Employed Division SE:S
Commissioner, Wage and Investment Division SE:W
Director, Privacy, Information Protection, and Data Security OS:P
Associate Chief Information Officer, Enterprise Services OS:CTO:ES
Associate Chief Information Officer, Strategy and Planning OS:CTO:SP
Director, Campus Compliance Services, Small Business/Self-Employed Division SE:S:CCS
Director, Collection, Small Business/Self-Employed Division SE:S:C
Director, Customer Account Services, Wage and Investment Division SE:W:CAS
Director, Customer Assistance, Relationships and Education, Wage and Investment Division SE:W:CAR
Director, Examination, Small Business/Self-Employed Division SE:S:E
Director, Privacy and Information Protection OS:P:PIP
Director, Strategy and Finance, Wage and Investment Division SE:W:S
Deputy Associate Chief Information Officer, Systems Integration OS:CTO:ES:SI
Director, Accounts Management, Wage and Investment Division SE:W:CAS:AM
Director, Campus Filing and Payment Compliance, Small Business/Self-Employed Division SE:S:CCS:FPC
Director, Campus Reporting Compliance, Small Business/Self-Employed Division SE:S:CCS:CRC
Director, Media and Publications, Wage and Investment Division SE:W:CAR:MP
Director, Office of Privacy OS:P:PIP:P
Director, Portfolio Planning and Estimation OS:CTO:SP:PPE
Director, Strategy and Capital Planning OS:CTO:SP:SCP
Chief, Program Evaluation and Improvement, Wage and Investment Division SE:W:S:PRA:
Chief Counsel CC
National Taxpayer Advocate TA
Director, Office of Legislative Affairs CL:LA
Director, Office of Program Evaluation and Risk Analysis RAS:O
Office of Internal Control OS:CFO:CPIC:IC
Audit Liaisons:
Chief Technology Officer OS:CTO
Commissioner, Small Business/Self-Employed Division SE:S
Director, Privacy, Information Protection, and Data Security OS:P
Senior Operations Advisor, Wage and Investment Division SE:W:S
Chief, GAO/TIGTA/Legislative Implementation Branch, Small Business/Self-Employed Division SE:S:CLD:PSP:GTL
Chief, Program Evaluation and Improvement, Wage and Investment Division SE:W:S:PRA:
Appendix IV
Management’s Response to the Draft Report
DEPARTMENT OF THE TREASURY
INTERNAL REVENUE SERVICE
PRIVACY, INFORMATION PROTECTION AND DATA SECURITY
July 30, 2010
MEMORANDUM FOR DEPUTY INSPECTOR GENERAL FOR AUDITS
FROM: for Deborah G. Wolf /s/ James F. Weaver
Director, Privacy Information Protection & Data Security
SUBJECT: Draft Inspection Report. Target Dates Have Not Been Established to Eliminate or Reduce Taxpayer Social Security Numbers from Outgoing Correspondence (Audit #200940040)
Thank you for the opportunity to respond to the referenced draft report. Protecting the sensitive data entrusted to the Internal Revenue Service (IRS) by taxpayers and employees is vital to maintaining the public's trust in the
The IRS has made significant strides in eliminating or reducing the use of SSNs within IRS systems, notices, letters and forms. In compliance with the OMB mandate, we completed a review of the use of SSNs in IRS programs and Federal Information Security Management Act (FISMA) and non-FISMA systems and identified instances where the collection or use of the SSN was not necessary. We have implemented numerous mitigation strategies related to SSN usage and continue our progress in eliminating or reducing the use of the SSN as an identifier. This progress is described in more detail below:
• Redaction of SSNs from Fiscal Year (FY)
2008 Economic Stimulus letters - The IRS successfully redacted SSNs from all 122,757,212
Economic Stimulus letters (Notice 1378) sent to taxpayers in FY 2008.
• Taxpayer
Identification Number (TIN) Masking On Information Returns – in partnership
with IRS Chief Counsel and the Department of the Treasury General Counsel, we
developed Notice 2009-93, published on November 19, 2009, to permit partial
masking of all but the last four digits of the SSN on Forms 1099, 1098 and
5498. This pilot program will allow for the partial masking of SSNs on paper
payee statements for 2009 and 2010. The projected number of taxpayers that will
be protected by this effort is 34,959,000.
• SSN
Redaction from Automated Collection System (ACS) Letters - The IRS redacted
SSNs on numerous taxpayer sensitive and enforcement-related letters. The
redaction of the SSN on ACS letters not only reduces the risk of identity theft
but also reduces the exposure of sensitive taxpayer information. During FY 2008
and FY 2009, over 10 million collection notices were redacted, and in some cases
SSNs were fully removed.
• Research Command Code - In November 2009, the IRS developed a new approach to authenticating taxpayers that does not require the full use of their SSNs. Utilizing IRS' Integrated Data Retrieval System (IDRS), the Taxpayer Personally Identifiable Information Protection (TPIIP) research command code was implemented into work practices throughout the organization including the Taxpayer Advocate Service. The tool allows IDRS users in both campus and field offices to identify and/or authenticate taxpayers using a truncated or partial SSN. Pairing the last four digits of a taxpayer's SSN with identifiable information contained within IDRS, TPIIP has proved to be a highly reliable tool to provide system and business process owners with corresponding account information. Through June 2010, there were over 86,000 accesses using the new command code. The IRS continues to look for new opportunities to incorporate the use of the new command code in our business processes.
• Identification of SSN Elimination and Reduction (ER) Solutions – Since 2008, the IRS has identified enterprise-wide solutions to eliminate and reduce SSNs in various IRS systems, notices, letters and forms. Examples of solutions that have already been implemented across the enterprise include:
· removal of SSNs from notices, forms and letters that do not require SSNs for processing;
· partial masking of SSNs on system displays, notices, letters and form fields that require SSNs for processing; and
· use of an employee identifier to replace the SSN for all employee system access and employee forms, letters and notices.
Additionally, the IRS has taken the lead to
engage other federal and state government agencies to incorporate best
practices into our SSN ER program and to share progress on mitigation
strategies, including the following efforts:
• SSN Elimination and Reduction Interagency Sub-Committee - We recruited participants and initiated quarterly meetings in 2007 to share SSN ER best practices between federal agencies.
• Federation of Tax Administrators - IRS Tactical Advisory Group (TAG) - This group was chartered as a vehicle for the IRS and state agencies to collaborate in striving to eliminate or reduce the use of SSNs. This monthly venue provides a means for sharing SSN ER initiatives and communicating concerns and impacts between the IRS and state agencies. The group includes representatives from
Continuing the forward momentum on SSN ER,
the IRS recently approved funding for a new initiative focused on replacing the
SSNs on notices with a 2D barcode. Development of the 2D barcode technology for
use within IRS system generated notices is key to the success of the SSN ER
effort, as it will allow the IRS to encode taxpayer data into a 2D barcode and
eliminate the printed SSN on outgoing correspondence. In turn, the 2D barcode
would be read by 2D imaging device scanners when correspondence is received
from the taxpayer; thus, further reducing the risk of exposure of taxpayer
SSNs. The project initiation artifacts have been developed and requisitions for
contractor support have been submitted. Requests have also been submitted to
secure both hardware and software to support the initiative. Milestone development
for the new initiative is ongoing and a preliminary timeline will be established
by October 1, 2010.
If you have any questions, please contact me at (609) 278-7732.
Attachment
RECOMMENDATION 1: Maintain documentation to support major deliverables and key meetings so that it is readily available for examination.
CORRECTIVE ACTION
We agree with this recommendation. We have created a dedicated SSN Elimination and Reduction (ER) SharePoint folder to maintain documentation related to major SSN ER program deliverables and key meetings and will ensure specific report and source materials are readily available for examination. The SSN ER program team has also identified a team member as the Records Historian. The Records Historian will establish record retention standards, as needed, on documents not currently covered in a records control schedule.
IMPLEMENTATION DATE
Completed
RESPONSIBLE OFFICIAL
Director, Privacy, Information Protection and Data Security
CORRECTIVE ACTION MONITORING PLAN
N/A
RECOMMENDATION 2: Validate data received from the business units and all accomplishments to ensure all needed actions are complete.
CORRECTIVE ACTION
We agree with this recommendation. The IRS will implement a data validation process for all SSN Elimination and Reduction (ER) accomplishments to ensure all required actions are completed.
As part of this process, the IRS will leverage the e-trak application as a SSN ER Compliance Management Tool to track, monitor and report ongoing SSN ER compliance progress throughout the enterprise. This tool will house all SSN ER compliance data and establish an electronic case file for each system, notice, letter and form that uses SSNs. This system is currently going through user acceptance testing and will be released by October 1, 2010.
IMPLEMENTATION DATE
October 1, 2010
RESPONSIBLE OFFICIAL
Director, Privacy, Information Protection and Data Security
CORRECTIVE ACTION MONITORING PLAN
We will monitor this corrective action as part of our internal control system.
RECOMMENDATION 3: Refine and update the milestones for the SSN ER Plan to ensure timely progress of the strategy.
CORRECTIVE ACTION
We agree with this recommendation. The IRS will strengthen program milestones by refining and updating milestones quarterly to ensure timely progress of program strategies.
The IRS SSN ER 2-D barcode project is currently producing documents and artifacts for Project Milestones 1 and 2 as defined by the Enterprise Life Cycle (ELC). The 2-D barcode project, one of the solutions for SSN ER, will encode the SSN within a two-dimensional barcode on IRS notices and will also provide the necessary tools to read and identify taxpayers when they respond to IRS notices. The project is scheduled to complete Milestones 1 and 2 by October 1, 2010. Additional milestone dates will be established at that time.
IMPLEMENTATION DATE
October 1, 2010
RESPONSIBLE OFFICIAL
Director, Privacy, Information Protection and Data Security
CORRECTIVE ACTION MONITORING PLAN
We will monitor this corrective action as part of our internal control system.
[1] Consumer Sentinel Network Data Book for
January–December 2009, Federal Trade Commission, February 2010.
[2] Volumes are as of May 26, 2010.
[3] A telephone contact system through which telephone assistors collect unpaid taxes and secure tax returns from delinquent taxpayers who have not complied with previous notices.
[4] 5 U.S.C. Section (§) 552a (2006).
[5] Pub. L. 107-347, 116 Stat. 2899, 44 U.S.C. § 101.
[6] 44 U.S.C. §§ 3541 - 3549.
[7] The IRS mailed approximately 123 million economic stimulus payment notices to taxpayers between April and December 2008.
[8] The IRS mailed about 20,700 Identity Theft Program notices and letters to taxpayers between October 2007 and January 2009.
[9] IRS computer system capable of retrieving or updating stored information. It works in conjunction with a taxpayer’s account records.