Accessibility Skip to Top Navigation Skip to Main Content Home  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  

Advanced Search   Search Tips

Employee Resource Center Ticketing Application (HEAT)

 

Privacy Impact Assessment (PIA) - Employee Resource Center Ticketing Application (HEAT)

HEAT System Overview

The HEAT software allows our representatives to capture customer information from incoming phone calls, web tickets, faxes, etc. Our customers (IRS employees) use the HEAT Self Service interface to submit service requests.

System of Records Number(s)

Treasury/IRS 34.037 - IRS Audit Trail and Security Records
Treasury/IRS 36.002 Employee Activity Records
Treasury/IRS 36.003 General Personnel and Payroll Records
Treasury/IRS 36.009 Retirement, Life Insurance, and Health Benefits Records Systems

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A.  The system contains no taxpayer data.

B.  Standard Employee Identification Number (SEID), Employee personal Information such as name, phone, location, organizational data.

The HEAT system does not track users who do not complete a web ticket.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

SEIDs are obtained from a Corporate Authoritative Directory (CADS) download.  Personal information is obtained from TAPS (Totally Automated Personnel System) and the user's NT system profile. None of our data is downloaded from outside sources.

3. Is each data item required for the business purpose of the system? Explain.

SElDs are used to identify the employee.  Personal information is used to identify thelocation for services or to change personnel records.

4. How will each data item be verified for accuracy, timeliness, and completeness?

The ERC does not verify the downloaded data.  The user can request changes to the personal information through HR Connect.

5. Is there another source for the data? Explain how that source is or is not used.

At this time, there is no other source for the data. Eventually, HR Connect will become the source for the information we currently download from TAPS.

6. Generally, how will data be retrieved by the user?

When a user creates a ticket through HEAT Self Serve (HSS), the screen automatically populates with personal information. This data cannot be changed by the user within the HSS application.  ERC and Field Reps retrieve the data based on SEID or name.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System
Administrators, Developers, Others)?

Outside the ERC, except for HEAT field users, employees can only see their own data. Within the ERC, reps, specialists, and managers can view the database. They cannot make changes to the data. Field HEAT users can also view the employee data, but cannot change the data.

System Administrators, Database Administrators, and Programmers have access to the database and are able to make changes.

9. How is access to the data by a user determined and by whom?

Any IRS employee with their SEID/PIN can access their data thru HSS.  Access to the database as an internal user (ERC or Field Rep) is determined by management through the OL 5081 process.

10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.

No, the ERC's data is not shared with any other systems.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy I mpact Assessment?  Yes.

12. Will other agencies provide, receive, or share data in any form with this system?  No.

Administrative Controls of Data

13. What are the procedures for eliminating the data at the end of the retention period?

Data is archived annually. At the end of the retention period, the affected data will be erased.

14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15.  No.

15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain.  No.

18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  Not applicable.

19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

Not web-based.