Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Integrated Data Retrieval System

 

Privacy Impact Assessment - Integrated Data Retrieval System (IDRS)

IDRS System Overview

The Integrated Data Retrieval System (IDRS) is a mission critical steady state system that consists of databases and operating programs that support Internal Revenue Service employees working active tax cases within each business function across the entire Internal Revenue Service. This system manages data that has been retrieved from the Tax Master Files allowing Internal Revenue Service employees to take specific actions on taxpayer account issues, track status, and post transaction updates back to the Master Files.  It provides for systemic review of case status and notice issuance based on case criteria, thereby alleviating staffing needs and providing consistency in case control.

System of Record Number(s)

Treasury IRS – 24.030, CADE Individual Masterfile (IMF)
Treasury IRS – 24.046, CADE Business Master File (BMF)
Treasury IRS – 34.037, IRS Audit Trail; and Security Records System

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)
 
A. Taxpayer
Entity Data: The entity data consists of the taxpayer’s SSN, address, and Name Control (first four characters of the taxpayers last name)

Tax Module Data:  If individual taxpayer consists of the taxpayers Name, SSN, date of birth, address, filing status, exemptions, and income.   If business taxpayer the tax module data consists of corporation or partnership name, Taxpayer Identification Number (TIN), business income, etc. 

B. Employee
Information collected consists of employee’s IDRS user-id and password, IDRS employee number

C. Audit Trails
Consist of 10 digit assigned unique employee number, 10 digit case number and the tax period, for example, 0602 (indicates a return filed for tax year ending June of 2002 ).  These fields are entered after the employees have entered their user-id and password.   Managers receive a computerized listing that indicates what employee is working on what case(s) and this listing would indicate if an employee is reviewing a taxpayer’s information that they had not been assigned.  There are other computerized programs that provide both audit trails and statistics as to whether an employee made an unauthorized access (UNAX) of a taxpayer’s tax data.

D.  None

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)
 
A.  IRS Data:  Taxpayer Information File (TIF); IDRS consists of 90 TIF Records.  These  90 TIF records vary by type/functionality and depend upon the type used by business units; Small Business/Self Employed (SB/SE); Large and Mid Size Business (LMSB); Tax Exempt and Government Entities (TE/GE); and Wage & Investment (W&I).

B.  Taxpayer Data:  IDRS contains taxpayer data  provided by taxpayers via their tax returns. 

C. Information is collected from employees who are authorized to log on to work and process requests such as audits, payment and collection activities.   This information is tracked via audit trails on the 5081 system; audit trails contain the employee’s number which is used by IDRS to assign tax cases to a particular employee. 

D.  The Department of Treasury Financial Management System (FMS) sends the IRS a file known as the “Disposition” file that is fed into the Case Control Activity (CCA) process of IDRS.  There are no output files created by the CCA process or any other IDRS process that are sent back to FMS.  The Inspector General for Tax Administration (TIGTA) is authorized access to IDRS in the course of their investigative and audit responsibilities.  GAO in the course of their audit responsibilities may be authorized  to receive data from IDRS.  

E.  The IDRS process does not directly share any data with state or local agencies.  Data that is processed by IDRS and then sent to the Masterfiles is however shared with State and Local Governments as part of the Fed-Sate relations Project. 

F.  No.

3.  Is each data item required for the business purpose of the system?  Explain.

Yes, the IDRS system allows the designated end-users/employees of the Small Business/Self Employed (SB/SE) Operating Division, Large and Mid Size Business (LMSB) Operating Division, Tax Exempt and Government Entities (TE/GE)Operating Division and Wage & Investment (W&I) Operating Division within the IRS who have been assigned a caseload related to their specific function (examination, audit, collection, etc.) to access the data they need to conduct review of requests for their respective functions from the Integrated Data Retrieval System.

4. How will each data item be verified for accuracy, timeliness, and completeness?

The various programs and command codes within the IDRS have built in validity checks to help ensure accuracy.   For example, there are validity checks to insure that a SSN/TIN when entered into an on-line application contains all numeric data.  Validity checks also are in place using the previously mentioned entity data to insure that if multiple taxpayers have the same first and last name that they are properly distinguished one from the other via the entity check information. Product Assurance reviews  the data as part of the case processing procedures to ensure accuracy, timeliness and completeness. There are a series of tests performed on this data such as the Compatibility Test and the Final Integration test which ensure the accuracy, timeliness and completeness of all IDRS data prior to the annual Filing Season Start-up. 

5. Is there another source for the data?  Explain how that source is or is not used.

Certain, but not all, elements are available from other systems.  Those systems are unique to a particular office function, i.e.,  Appeals, ACS, or Field collection and are not readily accessible to other office functions.  In addition, these systems are not specific to the IDRS cases.  The IDRS is specific to maintaining tax payer information, on the Individual Masterfile (IMF), and the Business Masterfile (BMF).   

6. Generally, how will data be retrieved by the user? 

Data can be retrieved and displayed using command codes on standard IDRS screens. 

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes.  Data is retrievable by Taxpayer Identification Number, TIF record type, Masterfile Transaction Code, and the Document Locator Number (DLN).

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

As approved by IRS management, authorized employees in each business unit who as a part of their duties need access, (users, managers, system administrators, developers) and by certain others, such as TIGTA.

9. How is access to the data by a user determined and by whom? 

Management determines which employees have access to IDRS and for what purposes.  Form 5081 documents at what levels they may view and use the data.  Employee access is determined by their specific need to access taxpayer data to perform their official assigned duties. Audit trails are produced by the Security & Communications System portions of the system through which all users must pass to get access to the TIF database used by IDRS. 

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes, the following IRS systems provide, receive, or share data with IDRS:  Electronic Funds Transfer Program System (EFTPS); Generalized Mainline Framework (GMF); Generalized Unpostable Framework (GUF); Error Resolution System (ERS); Federal tax Deposit System (FTD); Remittance Processing System (RPS); State Income Tax Levy Project (SITLP);Inventory Delivery System (IDS); Integrated Collection System (ICS); Audit Information Management System (AIMS); Standardized IDRS Access (SIA); Underreporter Project (URP); CADE Individual Masterfile (IMF); CADE Business Masterfile (BMF); Employee Plans Masterfile (EPMF); and, Individual Retirement Account File (IRAF).  These processes send data to the IDRS program via Daily 09 (DLY09) which merges all the data by masterfile and sends that data to its respective TIF. For example all IMF data goes to the ITIF, all BMF data goes to the BTIF and all other project data goes to the ZTIF.  Once this information is on its respective TIF it is sorted and distributed to End Of Day (EOD) which sends  data back to the respective originating processes.   

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

The two main systems, CADE, Individual Masterfile, and CADE, Business Master File have approved Security Certifications and PIAs on record as part of the IRS Modernization Program. 

12.  Will other agencies provide, receive, or share data in any form with this system?

TIGTA is authorized access to IDRS and may access IDRS in the course of their investigative and audit responsibilities.  GAO in the course of their audit responsibilities may be authorized by the disclosure office to receive data from IDRS.  In addition as part of the IRS Fed-State program, states receive data from  the IDRS for their tax collection activities.  The Department of Treasury Financial Management System (FMS) sends the IRS a file known as the “Disposition” file that is fed into the Case Control Activity (CCA) process of IDRS.  There are no output files created by the CCA process or any other IDRS process that are sent back to FMS.

Administrative Controls of Data:

13.  What are the procedures for eliminating the data at the end of the retention period?

The procedures for eliminating the electronic TIF data at the end of the retention period are found in IRM 1.15..2 . Specifically it states in section 1.15.6.9 Retention and Disposition of Electronic Records
(01-01-2003)

(1)The IRS Records Officer is the liaison with NARA and customer organizations for ensuring that electronic records and the related documentation are retained for as long as needed by the IRS. These disposition and retention procedures shall include provisions for:

a. Scheduling all electronic records, as well as related documentation and indexes, by submitting a SF-115, Request for Records Disposition Authority to NARA or, in some instances by applying NARA's General Records Schedules, if appropriate. The information in electronic information systems, including those operated for the IRS by a contractor, will be scheduled as soon as possible, but no later that one year after implementation of the system.

b. Transferring a copy of the electronic records and related documentation and indexes to NARA at the time specified in the records control schedule for permanent records.

Note: SF-115 is completed by the IRS Records Management Staff only.

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15.  No.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

Yes. The TIF database records accessed by IDRS contain data that allow designated and authorized IRS employees who have a business need to identify and/or locate individuals or groups.  For example, in an instance where a taxpayer applies for and is granted Innocent Spouse Relief  the  data gleaned from a case where a couple filed their income tax return jointly would then be used to identify and locate the other spouse who is obligated to make the tax payment.   Collection activities also use this data to identify and locate taxpayers who have an outstanding tax obligation.  Examination also uses this data to identify and locate taxpayers for audit purposes.  Appeals uses this data to identify and locate taxpayers who are contesting their tax obligation in US Tax Court. 

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Yes, to the extent that the system tracks the status of a taxpayers account after it has been assigned as a case for audit, collection, appeal, etc.  Audit trails exist that determine whether or not an IRS employee is authorized to have  access and use of the system.  These audit trails are determined by assigned employee numbers, user-ids and passwords. 

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No. However, procedures are in place for taxpayers that allow them to have appeal rights for taxes levied against them.  In addition, taxpayers may pursue resolution via the Taxpayers Advocate’s office.   Procedures are in place that provide protections for employees so they will not be subject to  unwarranted disciplinary actions.  Form 10420, Security Incident Report and Form 11377, Inadvertent Taxpayer Data Access provide protections for IRS employees who accessed a taxpayers data which had not been assigned to them as a result of a keying error or other inadvertent access.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

Yes. The effects of the IDRS on the due process rights of taxpayers are positive and do not need to be mitigated. 

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

The IDRS  is not web based.

 
 


Page Last Reviewed or Updated: April 28, 2005