Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Intranet Hosting Environment

 

Privacy Impact Assessment – Intranet Hosting Environment

Intranet Hosting Environment System Overview

The Intranet Hosting Environment provides a consolidated platform to deliver and manage web based content.

System of Records Number(s) 

Treasury/ IRS 34.037 – IRS Audit Trail and Security System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. None
B. The system maintains a list of group memberships. In each group employees authorized to create, publish or approve content are identified.  All intranet sites are being consolidated under a single content management solution.  So this applies to all intranet sites within the Content Management Server (CMS).  IRWEB is one of those sites.
C. To maintain version control, each page or site will log the author of the content, the publisher, the approver and corresponding dates and times.
D. Visitor statistics are captured noting the date, time, page viewed, length of time and Internet Protocol (IP) address.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. Web Site Business Owners supply all content
B. N/A
C. Employees submit content for publishing on the Intranet.
D. N/A
E. N/A
F. N/A

3.  Is each data item required for the business purpose of the system?  Explain.  Yes.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Each business unit will identify a business owner of the content, a content author, content publisher and content approver. Business Owners are responsible for validating the accuracy, timeliness and completeness of the information published.

5. Is there another source for the data?  Explain how that source is or is not used.

Data may be found in multiple venues such as print, email and other web sites. The Intranet Hosting Environment provides a consolidation point for IRS employee access.

6. Generally, how will data be retrieved by the user? 

Data will be retrieved using the default browser supplied by the IRS.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? No

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

All IRS Employees can view.  Only owners can access to modify.

9. How is access to the data by a user determined and by whom? 

Business Owners designate the managers of the content. Managers are added to the system by submitting 5081’s.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.  No

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  N/A

12.  Will other agencies provide, receive, or share data in any form with this system?  No

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Systems of Record Notice Treasury/ IRS 34.037. Intended retention period is three years. Data is eliminated via IRM 1.15.3 – Disposing of Records

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. No

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  N/A

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

Session Cookies are used for the collection of statistics.
 


Page Last Reviewed or Updated: November 04, 2004