Privacy Impact Assessment (PIA) – Automated Labor Employee Relations Tracking System (ALERTS)
ALERTS System Overview
The Automated Labor Employee Relations Tracking System (ALERTS) is a database application designed to establish, track and manage labor and employee relations case inventory which includes conduct, performance and grievances for IRS employees. ALERTS is also used to generate numerous reports for management, business units, and for Congressional testimony impacting legislation that affects the entire IRS.
System of Record Number(s)
Treasury/IRS 34.021 – Personnel Security Investigation, National Background Center (NBIC),
Treasury/IRS 34.022 – NBIC Center MIS,
Treasury/IRS 36.001 – Appeals, Grievances, and Complaints Records, and
Treasury/IRS 36.003 – General Personnel and Payroll Records
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)
A. n/a
B. Employee data used in this system consists of the following data and fields:
* Date of Birth (DOB)
* Enter on Duty (EOD)
* Service Computation Date (SCD)
* Pay Plan (PP)
* Job Series (SER)
* Grade (GRA)
* Supervisory Status (SUPV)
* Bargaining Unit (BU)
* Work Schedule (WS)
* Organization Segment Code (OSC)
* Geographical Location (GEO)
* Union Number (UNION)
* Chapter number of union that will rep emp. (CHPT)
* Host Site (HS)
* SEID (SEID)
* Name (lname, fname, mi)
* Job Title (Title)
* Telephone Number (EMPTel)
* Social Security No. (SSN)
C. Audit logs Employee Identification (SEID) and Authentication (I&A) data of ALERTS users is UserID are only data used for validation and authentication purposes.
D. Other: Other data in the system consists of description of the case and/or comments from Labor Relations employees.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)
A. Employee/IRS data elements are obtained from the following sources:
Employee Tax Compliance( ETC)
Garnishments
Performance and Results Information System/Treasury Inspector General for Tax Administration (PARIS/TIGTA)
National Background Investigation Center/Automated Background Investigative System (NBIC/ABIS)
Credit Card Services
Totally Automated Personnel System (TAPS–HR Connect)
Employee Conduct and Compliance Office (ECCO)
Investigative Management and Process Improvement (formerly known as CIRCU)
Computer Security Incident Response Center (CSIRC)
Labor Relations Specialists
B. n/a
C. n/a
D. TIGTA is listed above.
E. n/a
F. n/a
3. Is each data item required for the business purpose of the system? Explain.
Yes. In order to establish, track and manage labor and employee relation case inventory, that includes conduct, performance and grievances for IRS employees, it is required.
4. How will each data item be verified for accuracy, timeliness, and completeness?
Each data item is checked for completeness, accuracy and timeliness by each LR Host site Chief.
5. Is there another source for the data? Explain how that source is or is not used. No.
6. Generally, how will data be retrieved by the user?
The data is retrieved by doing queries via the ALERTS application.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?
Yes. Employee data is retrievable by the name, SEID and SSN.
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
ALERTS Users consists of the following categories:
* Labor Relations Clerk (LR1)
* Labor Relations Specialist/Assistant (LR2)
* Labor Relation Analyst/Specialist (Grade 15 and ES Cases – LR3
* Labor Relations Manager (LRM)
* Labor Relations Administrative (LRA)
* Other External Users (e.g., Equal Employment Opportunity [EEO], ETC, TIGTA and LRM(s) or Personnel users who are not responsible for working labor relation cases, but need the capability to Query and Report case data).
* Systems Administrators (DCC & MCC)
* Database Administrator (DCC & MCC)
* ALERTS Developers
9. How is access to the data by a user determined and by whom?
Access to the data is determined by the System owner (ALERTS Program Manager).
The On-Line 5081 must be completed by each user requiring access to ALERTS. Once the Form 5081 has been approved, an ALERTS User Profile/Access Request Form must be completed and forwarded for approval to the ALERTS Program Manager. The User Profile/Access Request Form provides the information and authorization required to establish or build the user’s permission records within the application. The permission records will determine the type of actions a user can perform, and controls the scope of which case records and employee data elements the user will be able to access.
Procedures and controls are documented in Chapter 2, “System Access and Responsibilities in the ALERTS User Guide Manual.”
A user’s position and need-to-know authorization approved by management, determines the level of access to the employee data. User’s Access is restricted to the case inventory of their individual Host Site ONLY. Service-wide queries that return cases outside of their area of responsibility, have the private identifying information of the employee removed and is not displayed on the screen. A user’s access terminates when the user no longer requires access to ALERTS. Criteria, procedures, controls, and responsibilities regarding access are documented in the ALERTS Security Features User’s Guide (SFUG) and outlined in circular A-130.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.
ALERTS receives employee case data from CSIRC, ETC, ABIS(NBIC), PARIS(TIGTA) and TAPS (HR Connect).
ALERTS provides employee case data to Integrated Complaints Tracking and Reporting System, case processing statistics to Measurements and suitability dispositions to ABIS.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment? Yes.
12. Will other agencies provide, receive, or share data in any form with this system?
Yes. ALERTS receives and shares employee data with Treasury Inspector General Tax Administrator (TIGTA).
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
When a closed case has been on the system for three years (aged), all personal identifiers in the case are removed via a monthly batch job and the remaining information is kept for research and statistical information only.
14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15. No.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability. No.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring. No.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain. No.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?
Yes. Employees are given an opportunity to respond to any negative information contained in the ALERTS system.
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?
The ALERTS system includes web-based functionality, but does not use persistent cookies.
| 
