Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Dependent Data Base

 

Privacy Impact Assessment - Dependent Data Base

DEPB System Overview:

The Dependent Database (DDb) is a tool that identifies non-compliant Earned Income Tax Credit (EITC) and dependent issues through the use of internal and external data elements and provides the ability to freeze refunds.  The database is rule driven. If a rule condition is met as returns are processed through the DDb rule filtering process, the rule "fires" and the return is flagged for examination. Most of the selected returns are worked as pre-refund audits, which involve EITC. However, the DDb also identifies non-EITC issues that are worked as post-refund audits, such as the duplicated dependent issue.  

System of Records Number(s):

 Treasury/IRS 42.021  - Exam Projects
 Treasury/IRS 24.030  - Individual Master File
 Treasury/IRS 34.037 – IRS Audit Trail and Security Records System               

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. Taxpayer
o Returns Transaction File (RTF) -all information contained on tax returns
o SSA database (DM-1) -SSN, Date of Birth, Date of Death & Citizenship indicators
o SSA- (Kidlink) –Child’s SSN, Birth Mother’s SSN, Birth Father’s SSN
o Health and Human Services (Federal Case Registry) -Custody orders for children receiving public assistance, custody orders involving private divorce cases, name & SSN of custodial party, name and SSN of non-custodial party or putative father
o Duplicate TIN database- SSn’s used as Primary, Secondary, & Dependent EIC qualifying child .

B. N/A

C.  The audit logs have critical event information (type of event, source of event, time and date of event, user accountable for event) that is useful for identifying system intrusion detection and system forensics should an attack occur.  Logs are regularly reviewed.

D. N/A 

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. IRS
o Returns Transaction File -Prior and Current Year
o Duplicate TIN  Database                                 
o Individual master File  
o National Account Profile

B. Taxpayer
o Return information

C. Employee - N/A

D. Other Federal Agencies
o Department of Health and Human Services 
o Social Security Administration

E. State and Local Agencies - N/A
F Other third party sources - N/A

3.  Is each data item required for the business purpose of the system?  Explain.

Yes, we use the information to identify potential erroneous Earned Income Tax Credit claims and duplicate dependency exemptions claimed on current year filed tax returns.  Returns are scored and selected for examination.

4. How will each data item be verified for accuracy, timeliness, and completeness?

We receive updates yearly (sometimes more frequently) on these data items from the agencies that provide the information.  We also track audit results to determine the accuracy of the information used.

5. Is there another source for the data?  Explain how that source is or is not used.  No.

6. Generally, how will data be retrieved by the user? 

The data is retrieved by actual selection of the returns for examination.  The end user can also   access the secured command codes of DDBCK, DDBKD&  DDBOL.

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

DDBCK-
o Input of a primary SSN will display the dependents & qualifying children from an original posted return.
DDBKD-
Input of child’s SSN will display
From SSA-
o Date of Birth
o Date of Death
o DM1 update date
o Citizenship code
o Current SSA name control
From Federal Case Registry
o Case type
o Custody Parent’s SSN
o Non Custody Parent’s SSN
o Putative Father’s SSN
o State code
o Case Number
From Kidlink
o Birth Mother’s SSN and whether SSN was verified by SSA
o Birth Father’s SSN and whether SSN was verified by SSA
o Child’s current name control
o Kidlink record update date
From DUPTIN
o The primary SSN of the return that this SSN appeared on
o How SSN use used on return (As a primary, secondary, dependent and/or qualifying child
DDBOL
Input of primary SSN on tax return will generate
o The Dependent Data Base rule that broke
o Examination information –tax change, EITC change, date closed, etc
o SSN(s) of child/children being claimed for EITC, exemption, Child Tax Credit, & Child Care.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

End Users- Exam personnel including managers, clerks, system administrators
CAS personnel for DDBCK
Developers
IS personnel

9. How is access to the data by a user determined and by whom? 

Using the 5081 process, and on a need to know basis approved by their manager
Data is restricted to the ability to read except for DDBCK where the end user can add SSN’s of additional qualifying children

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

Yes

MITS-22 IBM Masterfile information GSS
MITS-23 UNISYS Database GSS Platform

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?  Yes.

12.  Will other agencies provide, receive, or share data in any form with this system?  No.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?

DEPDB  Records will be retained and/or destroyed according to IRM schedule 1.15.31-16  Records Control Schedule for Field Customer Services Office directives.    

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. No.


15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability. No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.  No. 

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.  No.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?  Yes.

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?  No.
 


Page Last Reviewed or Updated: October 25, 2006