Privacy Impact Assessment – Embedded Quality Submission Processing (EQSP)
EQSP System Overview
Embedded Quality Submission Processing (EQSP) is a quality assurance system designed to capture data from employee, managerial and product quality reviews within the Submission Processing centers. This data will be comprised of reviews performed on approximately 25,000 employees who work in the Submission Processing centers. The system not only captures and stores data but also is able to provide periodic reports at various levels of the organizations for employee feedback purposes, employee evaluation purposes, managerial summarization and operational status purposes. All of the reporting levels are critical to the day-to-day operational status of each Processing Center.
The IRS has nine (9) Submission Processing Centers across the United States. They are Atlanta, Andover, Kansas City, Cincinnati, Austin, Brookhaven, Philadelphia, Ogden, Memphis and Fresno. Of these centers, seven use EQSP. They are Atlanta, Andover, Kansas City, Cincinnati, Austin, Ogden, and Fresno. These are the centers that process tax returns (Individual’s tax returns and Business’s tax returns) and all related documents. The Submission Processing Centers have various divisions, branches, etc. that handle the tax returns submitted by taxpayers, such as Receipt and Control Operations, Document Perfection Operations, Data Conversion Operations, Input Correction Operations, and Post Processing Operations. The quality review process evaluates the employee’s work and also evaluates the products. The ‘products’ that are quality reviewed are the programs that the employee’s work. The results of the employee quality reviews are used in employee performance evaluations.
System of Records Number(s)
Treasury/IRS 34.037 - IRS Audit Trail and Security Records System
Treasury/IRS 36.003 - General Personnel and Payroll Records
Treasury/IRS 24.030 - CADE Individual Master File
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)
A. EQSP does not contain any taxpayer information.
B. EQSP contains employee ID, SEID, SSN, Name, User ID, and Role ID. User ID and employee ID are unique database generated numbers used to identify an employee in the database. The Role ID is used to identify the permissions the user has within EQSP.
C. EQSP contains the Employee password, User ID, User login name, and Audit Log ID. The Employee password is encrypted and stored in the database. The Audit Log ID is a unique database generated number to identify rows in an audit log table that track certain changes made by Managers of employees.
D. EQSP contains Employee Tracking information such as business measures (Deposit Error, Deposit Timeliness, Letter Error, Notice Error, Refund Error, Refund Timeliness), job series, operation function and program codes, and quality review information.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)
A. All data is manually entered by IRS employees conducting quality reviews except for data files coming from the Treasury Integrated Management Information System (TIMIS), Integrated Management Planning Information System (IMPIS) (which includes Employee Master File (EMF) and Operation Function Program file (OFP)), and the Single Entry Time Reporting System (SETR).
B. No information is collected from taxpayers.
C. Login and passwords are collected from employees when they access the system, and employee quality review information is stored in the database.
D. The TIMIS file is provided by the Department of Agriculture National Finance Center (NFC).
E. No State or Local Agencies are providing data for use in EQSP.
F. No other third party sources provide data for EQSP.
3. Is each data item required for the business purpose of the system? Explain.
Yes, each data item is required to track the quality review and efficiency of work for employees. The design of the application is to provide an automated way to assist managers and quality reviewers in capturing data from employee and managerial quality reviews within the Processing Centers. The user interface allows users to input data pertaining to quality reviews and assists managers in the release and recall of seasonal, career/career-conditional intermittent and term employees regardless of their assigned performance plan. Reports can be generated for planning and training purposes and also evaluative purposes. However, the SSN only comes in systematically from external sources and is never displayed on the screen or in any report or listing. Currently the external systems do not have SEID, so EQSP will need the SSN to tie all of the data together internally.
4. How will each data item be verified for accuracy, timeliness, and completeness?
Each data item is verified for accuracy, timeliness, and completeness at the time of input. For external data mentioned in item number 2A, processes will be in place to validate accuracy of the data before being loaded into the database.
5. Is there another source for the data? Explain how that source is or is not used. No.
6. Generally, how will data be retrieved by the user?
Data is retrievable by employee SEID and date range to modify, view or add a review for an employee. For employee quality reviews, the data on the review will be retrieved using the employee’s SEID (not the employee’s SSN) and a date range. For product reviews, review information will be retrieved using the Review Header ID, which is a field containing a number generated by the system when the review was created.
Reports can also be produced. Reports are generated by Site, Operation, Department, Team, SEID, Sample Pull ID, and date ranges. EQSP prevents unauthorized monitoring by limiting access to Sites, Operations, Departments, Teams, and SEIDs in the reports based on the role granted through the Online 5081 System. Sample Pull ID is a unique generated number within the database that is only accessible when you as a user create a review and is not available any other time in any other screens. The SSN is not displayed in any of the reports and is not a parameter to any of the reports.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?
The only reviews that are retrieved by a PERSONAL IDENTIFIER are employee reviews. The PERSONAL IDENTIFIER is the SEID. Product reviews contain no employee information and are retrieved by the REVIEW HEADER ID (SEE ITEM 6 ABOVE).
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
Users, Managers, Quality Staff Employees, Submission Processing employees (to view their review results), HQ Analyst, P&A Analyst, Computer System Administrators (CSA), Operation, Site, and HQ Administrators, and the Programmer will have access to the data in the system. The programmer (developer) is an IRS employee and will need access to the database when working on (researching) programming/processing problems. The users are quality reviewers (QAO) and management officials.
9. How is access to the data by a user determined and by whom?
Access to the system is determined by the manager, based on a user’s position and need-to-know. Any user must use the Online 5081 system to request access to the System. The System Administrator determines to which group and menu the user will have access. When a user is added to EQSP, they are assigned a role based on the user’s position. UNAX training is also provided to inform users of the statutory rules governing and the IRS’ policy on unauthorized access and inspection of records by IRS employees.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.
Yes.
TIMIS – Employee SSN and personnel information.
SETR – Employee SSN and personnel information.
IMPIS – Employee SSN and personnel information, and Organization, Function, and Program codes.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment? Yes.
12. Will other agencies provide, receive, or share data in any form with this system? No.
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
IRM 1.15.6, Records Management.
The project will execute the steps below in the following order to eliminate data at the end of the retention period:
* Ensure that backups on the database have been completed.
* After verification of a database backup, the records to be eliminated from the database will be selected and stored in a flat file on the production system, where only the System Administrator will have access.
* Once the creation of the flat file is completed, the records that were stored in the flat file will be deleted from the database.
* The flat file will then be purged thirty days after creation.
14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15. No.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.
Yes, the system provides the capability to identify and locate individuals and groups for training and evaluative purposes.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.
Yes, the system provides the capability to monitor groups of people. The purpose of allowing this capability is to provide an automated way to assist managers and quality reviewers in capturing and reviewing data from employee and managerial quality reviews within the Processing Centers.
Access to EQSP is controlled by the System Administrator. Access to the system is determined by the manager, based on a user’s position and need-to-know. Any user must use the Online 5081 system to request access to the System. The System Administrator determines to which group and menu the user will have access. UNAX training is also provided to inform users of the statutory rules governing and the IRS’ policy on unauthorized access and inspection of records by IRS employees.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain.
The system contains quality and efficiency review information for all employees performing submission processing work. Treatment of employees will be consistent nationwide. EQSP contains no processes that yield inconsistent employee treatment across the country. The information is used for individual and product review for training, planning, and evaluative purposes. The results of employee quality reviews may be used as part of employee performance appraisals. The quality review is not an employee performance appraisal.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?
Only employee quality reviews (of an employees work) involve employee data. Product reviews do not involve any employee specific information. For product reviews an employee would not be affected. The quality reviewer visually inspects the defects. The employee has the opportunity to explain, refute, or otherwise respond to the data via a Dispute Resolution Panel. The system also has an option to remove the data and exclude it from employee performance.
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?
EQSP does not use persistent cookies or other tracking devices to identify web visitors.
|
