Accessibility Skip to Top Navigation Skip to Main Content Home  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  

Advanced Search   Search Tips

Wireless Program Office Data Repository

 

Privacy Impact Assessment - Wireless Program Office Data Repository (WPO)

WPO System Overview

The Wireless Program Office Data Repository (WPO) project is considered a priority in support of the strategic initiatives relating to the collection, compilation and reporting of resource management funding allocation for electronic devices. This information is used to meet the requirement for reporting, analysis and records management mandated by WPO Program Management.   Additionally the Wireless electronic Ordering System is designed for placing new service orders, tracking two levels of management approval and electronically sending fully approved orders to the vendor.  A complete inventory of all cell phone numbers and users names are also stored in the system.

System of Records Number(s)

Treasury 009 - Treasury Financial Management System
Treasury/IRS 36.003 - General Personnel and Payroll Records

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A.  N/A 

B.  Employee – Name, SEID, Organization Code, and cell phone number

C.  Audit trails are kept on all orders, inventory, and requestor changes.

D.   N/A 

2. Describe/identify which data elements are obtained from files, databases,  individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. Information is obtained from the Corporate Authority Database (CAD), Telecommunications Asset Tool (TAT), and TIMIS.

B.  N/A

C, Employee information is obtained from the IRS systems listed above.

D. N/A 

E.  N/A 

F  SENTENCE REDACTED

3.  Is each data item required for the business purpose of the system?  Explain.

Yes, the system tracks the assignment and disposition of electronic devices issued to certain employees when management determines that the device will help them do their job.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Accuracy of the data will be validated by the employee and organizational change updates that occur via data down load from the CADS database monthly.

5. Is there another source for the data?  Explain how that source is or is not used.

There is not another source for the data.  

6. Generally, how will data be retrieved by the user? 

Query of the database using Name, Org code, SEID, & Mobile Number assigned.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  SEID, Telephone Number, and Name.  Data can be retrieved by org code as well.  There are various purposes:  1.  to determine which employees did not validate their cell phones;  2.  to determine how many cell phone users are in specific BODs for budgeting purposes; 3. to pull all validated cell phone numbers to determine out year budgets; and 4. to also determine how many phones have been replaced because they have been lost, stolen or broken.   #4 helps us to determine if there is a pattern of neglect.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Authorized users, WPO program managers, Web Services developers, and local application administrator, system admin in order to make record layout change modifications to the system.

9. How is access to the data by a user determined and by whom? 

The application will provide authorized access only.  This access is managed via the application by program managers and the local system application administrator. Authorized users are the Wireless Team telecommunications specialist and the manager of that team.  When users are determined not to need access, they are removed from the system.

10. Do other IRS systems provide, receive, or share data in the system?  If NO, continue to Question 12.

Yes.  Listed above in question 2.A.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Yes.

12.  Will other agencies provide, receive, or share data in any form with this system?  No.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Automated Purge of the database when problem is resolved, and/or data is no longer needed.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.  No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

The system will list a record for each employee provisioned with electronic devices.  The records will be used to keep track of ownership.  When an employee no longer has the devises, their name and record is removed.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

It will monitor individual usage rates for the electronic devices only.  It is not capable of monitoring the calls, nor the movement of employees themselves.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

Yes.  Any employee who lost the right to use of device would be given the reason, and right to question action.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  No.