Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Electronic Learning System - Data Base

 

Privacy Impact Assessment – Electronic Learning System - Data Base (ELS-DB)

ELS-DB System Overview

The primary purpose of this server is to maintain the tables that represent various educational components used by each LMS (Learning Management System) such as the User, Class and Curriculum information and LMS application files.  Production database, training databases will be stored for Plateau as well as student info.

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. No taxpayer data will be maintained.

B. The data collected from the employees include: employee’s name, extension, email address, stop number, Manger’s name, extension, e-mail address, fax number and agency/Bureau/Business.  In addition, course titles, dates enrolled, on-duty and off-duty hours used to complete course, and course completion dates are also collected to make up the whole employee E-learning account in the Plateau environment.

C. The Audit Trail information elements gathered are:
Account Logon – Failed Attempts
Logon – Failed Attempts

D.  The ELS DB server will keep information on student’s progress through a course.  This tracking feature is called a “bookmark” that a student selects to turn on so they can return top the course where they left off, if they had to interrupt their session.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. None
B. None
C. Employee SSN, email address, name of employee’s manager, and manager’s email address are provided by individual IRS & Treasury employees who access the ELS-LMS server to create a new account or enroll and take on-line courses.
D. None
E. None
F. None

3.  Is each data item required for the business purpose of the system?  Explain.

Yes, Title 5 of the Code of Federal Regulation, Section 410.311 requires agencies to maintain record of training events.  The date must be collected for employees to access courses and receive recognition.  The information is stored in the employee’s training history file on the ACES system.

4. How will each data item be verified for accuracy, timeliness, and completeness?

The email information is verified through the Exchange server, built-in error checking in Web forms, and validation from ACES Database.  Whether or not a course is actually completed is an integrity issues.  We depend on the integrity of employees that they will mark the course as completely to be true.

5. Is there another source for the data?  Explain how that source is or is not used.

No. Individuals are responsible for the accuracy of their own data they use to create their E-Learning account.

6. Generally, how will data be retrieved by the user? 

Each employee can only access their own E-learning account by SSN and PIN.  Their account lists all course titles they are enrolled in, completed and dropped.  SA will have access to database file that contains the Employee E-learning accounts.  Student account data is automatically uploaded to ACES upon completion of a course.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes, for an employee to access their e-learning account data, employee must input their SSN and PIN.  System Administrators, Course and Web Administrators from ELS can access employee accounts for the purpose of correcting records.  Training Directors or Course Administrators from any “Treasury bureau cannot access employee data on ELS-Internet, ELS-Web or ELS-Treasury.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Users have access to their own account data.  System Administrators, Course Administrators, and Web Masters will have access to the data for correcting employee accounts.

Managers from IRS can access an IRS employee’s training history records from ACES system of records.

9. How is access to the data by a user determined and by whom? 

User (students of thee-learning Services and Support (ELS) can only access their own account.  Web Masters have read, write, and edit privileges and access to the student, course, course launch databases, tables, and program files.  Systems administrators have read and copy access to these files and the Course Administrators have read, write and edit privileges to the course database file and tables.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes, Once an employee has completed a course it is automatically uploaded to the ACES system where all employee history files are kept.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Yes.

12.  Will other agencies provide, receive, or share data in any form with this system?  No.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Data is retained indefinitely to allow students access to completed courses for reference purposes.  The employee official training history file once marked completed is kept in ACES.  The employee profile will be kept indefinitely as long as they are an IRS employee.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.  No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

No.  The only “monitoring” capability is the Bookmark Feature the employee activates.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  NA

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

No.  the server only makes “per session” cookies, while the student’s browser is open.  Nothing is saved or written to the hard drive of the user’s/student’s system.
 


Page Last Reviewed or Updated: November 09, 2004