Privacy Impact Assessment – Large and Mid Size Business (LMSB) Workload Identification System (LWIS)

LWIS System Overview:

The Large and Mid Size Business (LMSB) Workload Identification System (LWIS) is a Minor Application that has been operational since September 2001.  The LWIS application is primarily used by IRS Industry Planning and Special Programs (PSP) analysts to identify and send returns to audit team managers.  The returns are Forms 1120, 1120S, 1120F and 1065.  LWIS is a menu driven application that has approximately 15 users who are located at various locations including CA, IL, NJ, NY, and TX.  LWIS consists of a collection of customized, IRS developed software applications (i.e. Microsoft (MS) Access) that are used for entering, retrieving, or deleting data on a Microsoft SQL 2000 database which resides on a Dell 6450 platform running Windows 2000 server operating system located at the Detroit Computing Center (DCC) on the MITS-2 General Support System.  LWIS is also integrated with the LMSB Image Net (LIN), a separate application that stores returns as .pdf images.  Once returns are selected for audit by the team manager, if LIN has a file of the return in .pdf file, LWIS points the revenue agent to the file through a hyperlink.

LWIS access is restricted to approved users who are allowed access via the OL5081 process.  They do not have Structured Query Language (SQL) access to the Database Management System (DBMS) and all user functions are accomplished through a specific menu item or a perform screen. 

Systems of Records Number(s): 

Treasury/IRS 24.046  Business Master File
Treasury/IRS 34.037  Audit Trail and Security Records System
Treasury/IRS 42.008  Audit Information Management System
Treasury/IRS 42.021  Compliance Programs and Project Files

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A.  Taxpayer information in LWIS is taken from returns filed on Forms 1120, 1120S, 1120F and 1065.  The data in the LWIS system includes four digits of the Employer Identification Number (EIN) or Taxpayer Identification Number (TIN); Secondary Social Security Number (SSN); City Location; State; zip code (plus 4); Master File Account (tax information elements include: Industry Code, Tax Period return filed (TXPD), Audit Information Management System (AIMS) information, historical tax event codes and dates, Disaster Victim Status). 

B.  Employee Data in LWIS consists of 4 digit user ID (i.e., not an SEID); work group; manager name (first and last); manager phone; manager fax; Post of Duty (POD) code; POD street address; POD zip code; manager e-mail.

C.  Auditing is only performed at the server level and not for the application itself.  As the server is managed and administered by MITS-2, if any suspicious or potentially malicious activity is detected, the appropriate application POCs (e.g., administrators and managers) are notified.

D.  Audit Information Management System (AIMS) provides taxpayer audit records and cycles to LWIS.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. The Business Master File (BMF) system supplies all taxpayer data from Forms 1120, 1120S, 1120F and 1065, including four digits of the Employer Identification Number (EIN) or Taxpayer Identification Number (TIN); four digits of a Secondary Social Security Number (SSN); City Location; State; zip code (plus 4); Master File Account (tax information elements include: Industry Code, TXPD, AIMS information, historical tax event codes and dates, Disaster Victim Status).  This information comes from weekly Audit Information Management System (AIMS) runs which extract information from BMF.  BMF is an inventory system containing all tax forms for business taxpayers.  It takes cases that are ready for audit and assigns them to the users for review.  After this review, selected returns are then assigned to a field agent for examination.

The Online (OL) 5081 supplies Employee Data in LWIS.  This consists of 4 digit user ID (i.e., not an SEID); work group; manager name (first and last); manager phone; manager fax; Post of Duty (POD) code; POD street address; POD zip code; manager e-mail.

AIMS provides records and cycle information related to previous taxpayer audits, if applicable.  LWIS also is integrated with the LMSB Image Net (LIN), a separate application that stores returns as .pdf images.  If LIN has the selected return in .pdf, LWIS points the revenue agent to the image file through a hyperlink.  The agent then is able to access the return and work it from the image in lieu of locating and transporting paper or electronic documents from the processing centers.

B.  No information comes directly from the taxpayer.

C.  The routing of returns is done by employees.  These employees do not change the information in the system. These employees, referred to as “Industry Analysts”, simply modify the assignment information to ensure that it is assigned the group who will assess and process the information so that the cases may be routed to the correct group of Field Analysts.

D.  N/A.  No information in LWIS is obtained from other Federal Agencies.

E.  N/A.  No information in LWIS is obtained from State or Local Agencies.

F.  N/A.  No information in LWIS is obtained form third party sources

3. Is each data item required for the business purpose of the system?  Explain.

Yes.  The information related to the taxpayer (EIN; TIN; Secondary SSN; City Location; State; zip code [plus 4]) is used to positively identify the taxpayer’s return and to ensure that tax return information is correct.  Master File Account information (Industry Code, TXPD, AIMS information, historical tax event codes and dates, and Disaster Victim Status) is used for the ranking of returns.  This allows the industry analyst to pick the best ranked return from the field of eligible returns and route them to the Industry Analysts. 

The group manager name (first and last); manager phone; manager fax; Post of Duty (POD) code; POD street address; manager e-mail are kept so that he or she can be contacted, and the information for the LWIS system can be shipped to him or her and assigned to the individual industry analysts.

A 4-digit user ID; work group AIMS records and cycle information are used to assign tasks to individual Industry Analysts.

4. How will each data item be verified for accuracy, timeliness, and completeness?

Data has been validated in the BMF prior to receipt by the LWIS application.  LWIS does not verify taxpayer information on its own, and cannot change the information.  Local employee information is updated by the Planning and Operations Support Program (PSP) Analysts as they receive information indicating that the status of validated data as they are entered on user interface screens.

5. Is there another source for the data?  Explain how that source is or is not used.

No.  There is no other source for data found in the LWIS. 

6. Generally, how will data be retrieved by the user? 

Users follow a specific set of instructions in order to download the MS Access application and connect to the LWIS application. 

Program Administrators, Industry Analysts, and Program Analysts are allowed access to the LWIS application using a Microsoft (MS) Access application.  An Object Database Connection (ODBC) that has been configured within MS Access permits connectivity to the LWIS SQL server.  Once attached to the LWIS SQL server, Program Analysts may generate reports.  Industry Analysts may generate reports, route returns to groups, and change relevant group information.  There is also a zip code lookup feature that can be accessed by users.  The zip code lookup feature consists of a Post Of Duty (POD) look-up table.  The application looks at the zip code on the return and assigns the return to an office located in that region.

Group managers (those in charge of field agents throughout the country) contact Industry Analysts to request cases.  These Industry Analysts query LWIS to view returns that are available for group (field agent) assignment.   LWIS displays all returns that are currently available and then select returns based on managers’ needs.  Typically, based on the group manager’s geographic location, industry analysts select currently available cases and match them to the state where a manager is located. 

Program Analysts serve as management assistants who have the authority to generate quality reports.  These users review data within LWIS and generate reports to display various statistics about existing workload assignments.  Different reports can be run depending on management needs.

Using Microsoft Access, Program Administrators are the individuals who modify code and/or create tables within the LWIS application.  As a result, a new LWIS database application is created in the form of an .mdb file which contains tables, queries, and input data.  These are entered and retrieved through user interface screens.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Personal identifiers are not used by Program Analysts in order to retrieve quality reports.  These reports are retrieved using Master File Account numbers (i.e., not an EIN or TIN).  However, Program Administrators may access the LIN (a system external to LWIS) lookup utility by entering four digits of the EIN and the TXPD.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
 
* Program Analysts (i.e.  PSP) Analysts may generate reports in the LWIS system.  The data fields in the reports are pre-populated.  Program Analysts cannot alter the data within the reports.
* Industry Analysts may route returns to groups and change information relevant to groups.  They may perform queries according to Post of Duty, State, and Return Type. 
* Program Administrators (i.e. Database Administrators and Developers) are the only individuals allowed to apply structural changes to tables within MS Access so that particular screens are displayed based on a user’s role. 
* In addition to the above, the Developer for the LWIS system is able to perform all system functions, change the user profiles.  The Developer is authorized to implement the changes to MS Access tables, reports, queries, and data, and can remotely access the LWIS application to perform any necessary updates, maintenance, or troubleshoot through the IRS approved Enterprise Remote Access Project (ERAP) or Virtual Private Network (VPN), only.

No contractors have access to the LWIS system.

9. How is access to the data by a user determined and by whom? 

Users must register for access in OL-5081.  The person must first agree to an IRS Registration Agreement that prohibits the person from disclosing information on the website with unauthorized users.  Next, the person must fill out a registration form within OL-5081. The OL-5081 system generates a password.  OL-5081 e-mails the temp password to the user. Once the user has access to the IRS LAN by following the OL-5081 registration process, and received manager approval, he must then apply to the security officer at his or her installation for access to LWIS.  This security officer must then approve access to the LWIS system.  The approval is then communicated to a LAN administrator who will add the user to the user group.  In addition, users must follow a specific set of instructions in order to download the MS Access application and connect to the LWIS application.  Once the user has gained access to LWIS, the database determines what information the user is able to see, according to his or her role.  There are three levels of users in LWIS.  Each of these levels has a predetermined level of access based upon need to know in order to perform their jobs as individual employees.

Contractors do not have access to LWIS.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes.  The BMF system supplies all taxpayer data, including four digits of the Employer Identification Number (EIN) or Taxpayer Identification Number (TIN); four digits of a Secondary Social Security Number (SSN); City Location; State; zip code (plus 4);  Master File Account (tax information elements include: Industry Code, TXPD, AIMS information, historical tax event codes and dates, Disaster Victim Status).  This information comes from weekly Audit Information Management System (AIMS) runs which extract information from BMF.  BMF is an inventory writing system that contains all tax form types for business taxpayers.  It takes cases that are ready for audit and assigns them to the users for review.  They are then assigned to an employee in the field via LWIS. 

The Online (OL) 5081 supplies Employee Data in LWIS.  This consists of 4 digit user ID; work group; manager name (first and last); manager phone; manager fax; Post of Duty (POD) code; POD street address; POD zip code; manager e-mail.

AIMS also provides records and cycle information.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

BMF received an approved Security Certification on August 16, 2004.  The Security Certification expires on September 10, 2006.  It received a signed Privacy Impact Assessment memorandum on August 22, 2003, expiring August 22, 2006.

OL-5081 received an approved security certification on February 4, 2005.  It expires on July 28, 2006.  OL-5081 received a signed Privacy Impact Assessment memorandum on April 4, 2006, expiring April 4, 2009.

AIMS received an approved Security Certification on September 20, 2005.  The Security Certification expires on September 20, 2008.  AIMS has not received a signed Privacy Impact Assessment memorandum.

12.  Will other agencies provide, receive, or share data in any form with this system?

No other agencies provide, receive, or share data in any form with this system.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

Currently, LWIS media destruction and disposal controls are implemented at the business unit level for diskettes and servers media are handled at the GSS level.  All LWIS users abide by the policy that information system digital media is sanitized or destroyed prior to disposal or reuse.  Records are overwritten once LWIS updates are performed.

Auditing is only performed at the server level and not by the application itself.  The server is managed and administered by MITS-2.  For all MITS-2 applications, audit logs are destroyed when the retention period is expired, as defined by IRS IRM Section 10.8.3.5.1.9.  Audit logs are sent to Iron Mountain and stored for seven years.  Electronic marking control data (e.g., signature certificates, private/public keys) are securely maintained.  Storage media is sanitized (e.g., overwritten, degaussed, or destroyed) prior to reuse or release.  Event logs are archived to CD-ROM on a monthly basis and retained for not less than six years.  Audit logs are maintained in compliance with record retention policies for a minimum period of seven years. 
 
14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. 

No.  This system will not use technology in a new way.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

User information (employee name, phone number, building address, e-mail address) is used to locate parties responsible for receipt of tax return information that will be processed using LWIS.  Paper tax returns themselves are addressed and sent to the appropriate group.  The information used to address the packets does not contain personally identifiable information.  Hence, there is no information in LWIS data files that can be used to locate individuals or groups of taxpayers. 

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Beyond normal auditing functionality, which takes place on the MITS-2 GSS, no monitoring of individuals or groups takes place in the LWIS program.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

No.  LWIS is an inventory evaluation tool used to retrieve and review returns pre-selected  for audit.  The LWIS system does not target any individuals or groups and nothing in LWIS allows taxpayers to be treated differently.  Accounts are pre-selected for auditing before they are entered into LWIS.  The selection process is based on predetermined criteria apart from the LWIS process. 

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

N/A.  The system is a routing system for tax returns.  It does not make determinations that will result in a negative action.  Hence, due process would not be applicable to this system.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  No.