Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Employee Connection

 

Privacy Impact Assessment - Employee Connection

Employee Connection System Overview

Employee Connection is an Interactive Voice Response (IVR) system designed to provide Internal Revenue Service (IRS) employees with access to their personal information and basic information on employment benefits available through the Federal Government. Separated or retired employees will continue to have access to the system for one year after separation. The system is accessible 24 hours a day, 7 days a week.

Access to the information is obtained by using a touch-tone telephone or a Telecommunications Device for the Deaf (TDD) and requires the employee to enter their Social Security Number (SSN) to verify they are an IRS employee. To access personal benefits information employees are required to enter a four digit Personal Identification Number (PIN). The Employee Connection database server is updated every pay period from a Treasury Integrated Management Information System (TIMIS) CD-ROM provided by the National Finance Center (NFC).

System of Records Number(s):

Treasury/IRS 34.037 - IRS Audit Trail and Security Records
Treasury/IRS 36.002 Employee Activity Records
Treasury/IRS 36.003 General Personnel and Payroll Records
Treasury/IRS 36.009 Retirement, Life Insurance, and Health Benefits Records Systems

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A: None. Employee Connection (EC) does not gather or process information on anyone that is not an IRS employee.

B: Personal payroll information and basic information on employment benefits available through the Federal Government.

C: For quality control and support, the application tracks menu options selected by employees accessing the system.

D: There are no other Government benefits data residing in the database besides what is already in Employee Connection.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A: The EC database is updated every pay period from a Treasury Integrated Management Information System (TIMIS) CD-ROM provided by the National Finance Center (NFC).

B: None -EC does not gather or process information on anyone that is not an IRS employee.

C: None -The only information that is collected directly from the employee and stored in the EC database is their PIN. Employees may change their PIN as often as they like. Once they enter their new PIN through the IVR system, it is stored in the database. They will need to use that PIN the next time they access the EC system.

D: Only the NFC provides data for use in EC.

E: None -IRS sources only.

F: None -IRS sources only.

3. Is each data item required for the business purpose of the system? Explain.

Yes. Access to this data is provided to IRS employees so they can access personal information and basic information on employee benefits provided by the Federal Government.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Not applicable as data collection, verification, and checks for completeness of data are performed prior to the TIMIS extract being provided to EC.

5. Is there another source for the data? Explain how that source is or is not used.

EC integrates a Standard Employee Identifier (SEID) into the EC database to provide employees with a method of learning their assigned SEID when users do not have browser access to the Discovery Directory. SEID's are received from the Corporate Authoritative Directory Services (CADS) system via FTP every two weeks.

6. Generally, how will data be retrieved by the user?

The data is retrieved by the user by using a touch-tone telephone or if hearing impaired, by using a TDD.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?

Employees may only access their own personal benefits information by a combination of their SSN and PIN.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Employees: Access is given only to IRS employees (current or retired) via the IVR system using their SSN and PIN. Employees can only access their own personal information.

Manaqers: A manager or supervisor also needs to use their SSN and PIN to access their own personal information. They are unable to access any other employee's personal information without knowing the employee's SSN and PIN.

Systems Administrator: The SA for the EC IVR has the same access to the system as all other IRS employees. In addition, they may also access the system via a Local Area Network (LAN) connection to perform system maintenance. This requires a valid USERID and Password. The EC SA "superuser" has access to all data within the EC.

Proqram Analyst: A Program Analyst has the same access to the system as all other IRS employees. In addition, they may also access the EC system through a LAN connection. This requires a valid USERID and Password. Their access is read-only, so they are unable to change any data.

Developer/Proqrammer: A developer/programmer has the same access to the system as all other IRS employees. In addition, they may also access the EC system through a LAN connection. This requires a valid USERID and Password. An EC developer/programmer has access to all data within EC.

Other: The Inspector General for Tax Administration (TIGT A) and the Government
Accounting Office (GAO) representatives will have access to the EC during system audits but no privileges to change data. Granting access is made on a need-to-know basis as indicated on the IRS On-Line 5081 and approved by the SA/Security Officer. Access is terminated immediately when the individual no longer requires access to the system.

Contractors: Granting of access is made on a need-to-know basis, as indicated on the IRS On-Line 5081, and approved by the individual's manager and the SA/Security Officer. Access is terminated immediately when the individual no longer requires access to the system.

9. How is access to the data by a user determined and by whom?

All new IRS employees are given access to the EC IVR system after they have been loaded into the database from the TIMIS download.  They are then assigned a random PIN.  A letter containing their new PIN will be mailed to their home address. They will be unable to access any of their personal information on the EC system until they receive their PIN. On initial access to the EC system, the employee can change their PIN. If an employee forgets their PIN, they may request a new one through the system. A new random PIN will be generated for that employee, and a letter containing their PIN will be mailed to their home address.  Any I RS employees requesting access to the EC system via the LAN must submit an Information Systems User Registration/Change Request, IRS Form 5081. The Form 5081 must be coordinated with the site SA and/or computer/network security officer. SAs verify that these EC users have appropriate clearances, authorizations, need-to-know, and security training prior to being given access to the system. User profiles and roles are assigned by the SA and established when user accounts are created.

Access to the EC system is given only to IRS employees (current, retired, and separated). Retired and separated employee data will remain on the system for one year. They will be able to access the system as long as their SSN and PIN remain on the system. Users accessing the system must enter a valid SSN and PIN to verify that they are/were an IRS employee. In addition, EC staff (e.g., SAs and Developers/Programmers) may access the EC system via a LAN connection by using a USERID and password, which are unique to each user.

10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.

Employee data is provided to the Employee Resource Center's (ERC) Heat ticketing system.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Yes.

12. Will other agencies provide, receive, or share data in any form with this system?

TALX, a salary and employment verification contractor receives data. TALX administers the Work Number for Everyone program, a salary and employment verification program for all IRS employees. When EC receives each biweekly TIMIS download from NFC, new employees will be assigned a random PIN. After all of the data from the download has been loaded into the database, a file is created containing the SSN and PIN of every employee in the EC database. This file is encrypted and is transmitted via File Transfer Protocol (FTP) to the TALX system. Any requests for data from outside vendors such as this must have prior approval from IRS management and security personnel. 

Administrative Controls of Data

13. What are the procedures for eliminating the data at the end of the retention period?

Employee records are retained for one year after the employee has left the IRS. Applicable records are then deleted systemically from the database by the ERC programmers after the expiration of the retention period.

14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15.

No. EC uses technology to automate employee access to personal and basic information on employment benefits, but uses technology that has previously been in use by the IRS. The system serves a specific function, but does not use the technology in was not previously employed by the IRS.

15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.

Yes -For quality control and support, the EC staff can monitor the menu options selected by employees accessing the system.

16. Will this system provide the capability to monitor individuals or groups?  If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Yes -The EC system uses employee Servicing Office Numbers and Organization Codes to determine which office a call should be routed to. The areas that use this call routing technique are: Retirement (BeST) Specialists, Employee Account Representatives, Workers Compensation, and Employee Support Centers. These groups are all dispersed geographically throughout the entire country. Information about which Servicing Office Numbers and Organization Codes to use are received from the heads of each office whenever a change to the routing is required.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No. All IRS employees have equal access to their personal payroll and benefits information via the EC system. Hearing impaired employees can access the EC system via TDD. Taxpayers do not have access to this system.

18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

No data elements from the EC system are placed in an employee's permanent record. Data elements that are calculated by the EC system are played over the IVR system to the employee only for purposes of future planning by that employee and are not used to make any determinations about the employee.

19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

The EC system is not web-based. Access is via by a touch-tone telephone or by a TDD device for the hearing impaired.
 


Page Last Reviewed or Updated: May 25, 2005