Privacy Impact Assessment – Congressional Affairs Program Records
CAP System Overview
The is an automated database, replacing an ineffective paper reporting system. The database records basic information about employee contacts with congressional offices (or committees) that are made as part of the Congressional Affairs Program (CAP). It will allow the IRS to improve quality of service to Congress and their constituents by providing a means to analyze the contacts made. This includes determining which issues are priorities for specific congressional offices, which have been resolved, and which are routine in nature. The database allows CAP coordinators access to the research efforts of their coworkers, which will reduce duplicated efforts and provide faster resolution to issues. By maintaining organized records of congressional contacts, the IRS will be able to improve continuity of service through personnel changes. In addition, the database provides the means to measure the effectiveness of the CAP.
The database will reside on the National Enterprise Resource Domain (NERD), but is utilized directly via Microsoft Access; it is not a web based system.
System of Record Number(s)
Treasury/IRS 10.005 Congressional Affairs Program Records
Treasury/IRS 34.037 IRS Audit Trail & Security Records
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer - No taxpayer data will be entered into this system or stored on this system. If a member of congress or their staff makes specific taxpayer inquiries, they are referred to the Taxpayer Advocate.
B. Employee - Name, Phone Number, Branch
C. Audit Trail Information (including employee log-in info) - This is an internal Legislative Affairs database. Managers decide who needs access. Users will have logged on to the IRS system using a password, and are tracked per audit trail standard procedures, including the completion of a form 5081.
D. Other (Describe) - Congressional office (or committee) contacted, dates of contact, subject matter and summary of contact, type of contact. No taxpayer data is recorded per written instructions to users.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS - n/a
B. Taxpayer - No taxpayer data is collected or used.
C. Employee - Legislative Affairs employees who use the database log in to the IRS system to reach the database using their user name ID and password.
D. Other Federal Agencies (List agency) - n/a
E. State and Local Agencies (List agency) - n/a
F. Other third party sources (Describe) - All other data is obtained and input by the users, who are Legislative Affairs employees. This data is gathered thru contacts with congressional offices.
3. Is each data item required for the business purpose of the system? Explain. Yes.
4. How will each data item be verified for accuracy, timeliness, and completeness?
The system administrator will review for completeness of entries.
Users and managers will review for accuracy.
User’s manager will review for timeliness.
5. Is there another source for the data? Explain how that source is or is not used. No.
6. Generally, how will data be retrieved by the user?
Automated query functions built into the database produce printable reports. All users will have direct access to these queries.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?
Yes. Name of user, contacts, and congressional offices. No taxpayer data is in the system.
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
Legislative Affairs employees, managers, CAP Coordinators and their managers (other than TAS personnel). I.S. systems administrator may view data in the course of their duties.
9. How is access to the data by a user determined and by whom?
Access rights to the database are controlled by Legislative Affairs managers on a need to know basis. Rights will be changed to reflect changes in CAP personnel. When personnel leave or no longer require access permission will cease.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12. No.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?
Not Applicable.
12. Will other agencies provide, receive, or share data in any form with this system? No.
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
In accordance with IRM 1.15.33 Records Control Schedule for Legislative Affairs, data will be deleted at the end of the Congressional session.
14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15. No.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.
No. It will be used to monitor subject matter or issues.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.
No, it will be used to monitor subject matter and issues. No sensitive but unclassified data will be input into the system. No taxpayer data is collected or used in the system.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain.
No. The system will help the IRS serve our Congressional contacts better.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?
Not Applicable
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors? No
| 
