Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Unified Document Processing System (UDPS)

 

Privacy Impact Assessment - Unified Document Processing System (UDPS)

UDPS System Overview

The Unified Document Processing System (UDPS) is an automated authoring tool for creating, revising, and storing Technology Model Views (e.g. conceptual, logical and physical). Technology Model Views contain technical information about IRS projects. Technology Model Views are required by the IRS Enterprise Life-Cycle.

System of Records Number(s)

Treasury/IRS 34.037, IRS Audit Trail and Security Records

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:

A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. None
B. The SEID of the user who requested a given publication is stored in the publication request record as Username. The SEID of the user who created a given section is stored in the content record as UDPSUser. The SEID of the user making a specific comment on the document is stored in the change request record as UDPSUser.
C. None.
D. Specifications, security documentation, engineering diagrams, and other technical documentation.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. The data elements listed in 1-D are derived from the IRS.
B. None
C. The Username and UDPS User fields listed in 1-B are derived from the Employee's login information.
D. None
E. None
F. None

3. Is each data item required for the business purpose of the system?  Explain.

Yes. The retrieval of the technical data created under 1-D is the primary business purpose of the system. The user names under 1-B are needed to control updates to the data under 1-D. The user SEID is required for determination of unauthorized or excessive use detection.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Before a content item is made available to general users of the system, it is reviewed by subject matter experts, who are assigned to review specific content items by the publisher.

5. Is there another source for the data?  Explain how that source is or is not used.  No.

6. Generally, how will data be retrieved by the user?

Using a Web browser, a user logs into Employee User Portal selects the UDPS application from a list of applications to which that user has access. All other access is controlled by the navigational capabilities of the UDPS application.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?  No.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

Users and System Administrators

9. How is access to the data by a user determined and by whom?

General application access is determined through the 5081 process.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.  No.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  N/A.

12. Will other agencies provide, receive, or share data in any form with this system?

No. Application does not share data with other systems.

Administrative Controls of Data

13. What are the procedures for eliminating the data at the end of the retention period?

Technical documents do not have defined retention periods and are not eliminated. (NOTE: Because UDPS is utilizing existing STIR/ISS infrastructure, audit data and log retention is outside of UDPS.)

14. Will this system use technology in a new way?  If "YES" describe. If "NO" go to Question 15.  No.

15. Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No.

18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

N/A. no monitoring.

19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  No.
 


Page Last Reviewed or Updated: February 23, 2006