Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Tax Exempt Determination System

 

Privacy Impact Assessment – Tax Exempt Determination System

TEDS System Overview: 

The Tax Exempt Determination System (TEDS) Release 2b Phase 1 is an IRS application/system that has been categorized as a Minor application.  TEDS 2b Release 1 will reside on the Windows Server 2003 platform and is targeted for deployment by June 16, 2006.  TEDS Release 2b Phase 1 is an application used by TE/GE to assist in the processing of Exempt Organization (EO) and Employee Plan (EP) forms/cases according to Section 6103 of the Internal Revenue Code.  EO submitters may be a non-profit organization such as the Girl Scouts or a YMCA applying for tax-exempt status.  EP forms are submitted by employers for review of their employee plans (e.g. 401k plans) for tax-exempt status.

TEDS accomplishes this purpose by allowing users to scan forms into a Records Repository and track the status and correspondence of a case.  The current release of TEDS, TEDS Release 2b Phase 1, builds off TEDS 2a functionality and adds support for the processing of EP Form 5307 (Application for Determination for Adopters of Master or Prototype or Volume Submitter Plans).  Currently this is the only form supported by this version of TEDS.

Systems of Records Notice(s):

IRS 00.001  Correspondence Files and Correspondence Control Files
IRS 00.003  Customer Feedback System
IRS 24.046  Business Master File
IRS 34.020  IRS Audit Trail Lead Analysis System (ATLAS)
IRS 34.037  IRS Audit Trail and Security Records System
IRS 37.008  Register of Docketed Cases and Applicant Appeals
IRS 42.008  Audit Information Management System
IRS 44.003  Audit Information Management System
IRS 50.001  Employee Plans/Exempt Organizations Correspondence Control Records
IRS 50.003  Employee Plans/Exempt Organizations, Reports of Significant Matters
IRS 90.007  Chief Counsel Legislation and Regulations Division, Employee Plans and Exempt Organizations Division, and Associate Chief Counsel (Technical and International) Correspondence and Private Bill File

Data in the System

1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)

A. Taxpayer
TEDS includes information relating to an organization and/or employee plan, which is used to determine whether or not the organization and/or employee plan is eligible for tax-exempt status.  In rare circumstances it is possible that an individual taxpayer may supply their social security number (SSN) on an application for determination of a plan.  Upon receipt of an application with an SSN, the case specialist would assign an Employer Identification Number (EIN) to the application and enter that EIN as the identifier in the TEDS database.  The only presence of the SSN would be in the image stored on a series of NT servers at the ECC-MEM in Memphis, which is accessible only to high level System Administrators (SAs) at the TCC.

The taxpayer information collected will be taken from a variety of applications, and Power of Attorney Forms 2848 and Form 8821.  Power of Attorney information may be written in a free-flow format.  This information is then manually entered into the system.  Other forms utilized include Forms 1023 and all its associated schedules (which uses 417 barcode scan to convey information), 1024, 1025, 1026, and 1028 for exempt organization entries and Forms 4461, 4461A, 4461B, 5300, 5303, 5307, 5310, 5310A, and 6406 for employee plan entries.  Through an automated process the information from these forms are entered into the computer.  There is generic information on all forms, however, all information is not required for each form as the forms or application serve different purposes.  Typical information may include:

• Plan Sponsor Name
• Employer Identification Number
• Plan Name
• Address to include City, State, and Zip Code
• Telephone Number (Business)
• Person to Contact for more information, to include Name and address
• Name of Employer
• Employer’s tax year end (Month)
• Details of the plan to include funds returned to the employer, proposed plan termination, plan type, membership in controlled groups, reason for termination, funding arrangement
• Name of Trustee(s), telephone number and address.
• Number of participants in the plan and statistical information
• Employer contribution and forfeitures
• How distribution will be made upon termination
• Receivables, general investments, employer related investments, building and other property used in plan operation, benefits claims payable, operating payables, acquisition indebtedness, other liabilities
• Signature and title of Employer
• General Eligibility Requirements
• Date incorporated or formed
• Number of shares of current outstanding capital stock and other details
• Value of agricultural products
• Gross dues
• Expenditures such as Compensation of officers, directors and trustees, Other salaries and wages, Interest, Rent, Dues and assessments of affiliated organizations, etc.
• Assets
• Liabilities and Capital

B. Employee
Employee data used in this system consists of profile information that is stored and used to route work to the employee (e.g., User Identification (USERID), access limitations).

IRS employee information included in the TEDS application is information used to identify the user/IRS employee processing the claim and includes:
 
• Employee name
• Employee user ID
• Employee’s manager name
• Employee’s manger user ID
• Employee Contact Information (address and phone number)

C. Audit Trail Information
TEDS maintains an application audit trail (also known as case chronology).  Through use of Captiva (COTS software), auditing of users is conducted at the GSS level after each of the following actions:

* Scan
* Package review module checks contents of package (QA step)
* Image quality assessment (skew, de-skew)
* Pages are identified for OCR (based on form)
* Package submission
* OCR is performed

These audit records are stored in a proprietary database using InputAccel, and may only be viewed by privileged managers with access to the Manager's Console.

Following an audit triggered by Captiva, Documentum (COTS software) maintains a log of all database activity.

The TEDS application audit trail includes the following information:

* Unique identifier for each transaction
* Status_Code (effected by update)
* CASE_NUMBER (TEDS Case Number)
* DATE_CHANGED
* DATE_ENTERED
* USR_CODE (single TEDS User ID from Captiva)
* COMMENTS
 
D. Other (Describe)
No other information is used in the TEDS.

2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)

A. IRS
Technical specialists may query the Business Master File (BMF), Employee Plans Master File (EPMF), National Account Profile (NAP), and Certified Authorization File (CAF) “Power of Attorney” mainframe system to verify information contained in an organization’s application.  However no information from the BMF, EPMF, or NAP is stored on the TEDS.
 
Payment status information on applications is supplied by the IRS Letter Information Network User System (LINUS).
Information from applications not yet being processed by TEDS is supplied by the legacy EP/EO Determination System (EDS).  When TEDS is fully operational, it will replace EDS.

B. Taxpayer
Information stored within the TEDS is provided on hard copy applications and supporting documentation received from an organization, which are submitted to the TE/GE office for a determination of the tax exempt eligibility of an organization and/or employee plan.
 
C. Employee 
The functional security manager is responsible for adding the SEID of users into Documentum.  TEDS compares the SEID of the user's account to the SEID which was added into Documentum.  The SEIDs must match for access to Documentum to be granted.  IRS LAN accounts are created at the GSS level. 

D. Other Federal Agencies
No Federal Agencies provide data for use in TEDS.

E. State and Local Agencies
No State or Local Agencies provide data for use in TEDS.

F. Other third party sources
No other third party sources provide data.

3. Is each data item required for the business purpose of the system?  Explain.

Yes, each data item is required in order for IRS employees to determine if an organization meets all requirements for exemption or to determine if an employee plan is a qualified employee plan.


4. How will each data item be verified for accuracy, timeliness, and completeness?

Captiva is used for scanning and imaging all correspondence.   Optical Character Recognition (OCR) is used to convert the hard copy text into a soft copy.  TEDS users at the CSPC then use Captiva FormWare to correct and validate the data.  The technical specialist will review each application for sufficient data necessary to scan the document.  Automated business rules check to ensure information is complete and will cite what information might be missing.  The technical specialist reviews the business rules findings and makes the final determination on completeness and can overrule the business rules if necessary. 

5. Is there another source for the data?  Explain how that source is or is not used.

No, TEDS does not collect information from sources other than IRS records or taxpayers.

6. Generally, how will data be retrieved by the user? 

The user will retrieve information from TEDS through a web-based interface using the organization’s EIN or a number assigned to uniquely identify each application in TEDS (the TEDS Case Number).

7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? 

Yes, TEDS data can be retrieved by EIN, name, or TEDS Case Number.

Access to the Data

8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

TEDS does not allow access to the public.  Personnel who will have access to data in TEDS:

• IRS Determination workload managers.
• IRS Determination reviewers and managers.
• IRS Determination agents/technical specialists.
• Customer account service representatives.
• Documentum Database Administrator.

Contractors who might require access to the data are required to have a full background investigation and complete the OL5081 process and receive manager’s approval before performing any MITS activities through TEDS.

9. How is access to the data by a user determined and by whom? 

Access to data within the system is restricted through settings on Documentum and Captiva.  Restrictions are based on business rules contained in the TEDS Business Rules Document.  Documentum designates 8 different levels of access permission, while Captiva strictly allows or disallows a user access.  TEDS uses roles and privileges to control the levels of access a user account may have.  In general, managers can do anything the people they manage can do.

A user’s position and need-to-know determines the level of access to the data.  The System Administrator grants approval for system access.  A user’s access to the data terminates when the user no longer requires access to TEDS.

The following mandatory rules are defined for users of all IRS computer and information systems:

• Users are forbidden to access, research, or change any account, file, record, or application that is not required to perform official duties.
• Users are restricted to only accessing, researching, or changing accounts, files, records, or applications that are required to perform their official duties.  Access is limited by the users’ role and assignments.  TEDS does not interface with the User TIN list.
• Users are restricted from accessing their individual/spouse account, accounts of relatives, friends, neighbors, or any account in which the user has a personal or financial interest.  Users are restricted from accessing the accounts of famous or public persons unless given authorization.
• If asked to access an account or other sensitive or private information, users are required to verify that the request is authorized and valid.  Users will be held accountable if they access an unauthorized account.
• Users are required to retrieve all hard copy printouts in a timely manner, ensure that magnetic media is secured based on the sensitivity of the information contained, and that they will practice proper labeling procedures.  Users are instructed not to disclose or discuss any IRS-related information with unauthorized individuals.
• Users are instructed to protect IRS employee internal work from disclosure.
• All vendors are to be escorted and monitored.

The user’s access will be restricted by the access limitations assigned to the profile associated with the user’s unique USERID.  The profile is established to allow workflow activities to route documents and cases to the proper specialists.

Profiles are assigned by TEDS Functional Security Managers.  The Functional Security Managers periodically review the roles to ensure that user authorizations are correct.  There are three TEDS Functional Security Managers for each organization and they participate in the OL5081 process.

10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

TEDS communicates with two IRS systems, the Employee Plan/Exempt Organization Determination System (EDS) and Letter, Information & Network User Fee System (LINUS). 

EDS provides information from applications not yet being processed by TEDS.  When TEDS is fully operational, it will replace EDS; EDS is a legacy system which TEDS is incrementally replacing in functionality.  TEDS communication with EDS is one-way; EDS only receives data from TEDS.  TEDS now supports Microsoft Message Queuing (MSMQ) and XML to send and receive files/transactions to/from external systems.  EDS requires files be sent using the File Transfer Protocol (FTP) and is unable to receive MSMQ and XML data.  As an interim solution until EDS is replaced, TEDS converts the ‘699’ XML message queue data to a fixed length ‘699’ record and writes the record to a shared directory that is accessible by EDS.  EDS will send the EDS acknowledgement record to that shared directory using FTP.  TEDS will read the acknowledgement file and load it into the message queue in XML format.  For more information on EDS, refer to the TEDS and EDS Interface Control Document, dated December 14, 2005.

The exchange of information between LINUS and TEDS begins with new applications (both remit and non-remit) being entered into LINUS.  Once the application information has been entered into LINUS, and the payment/check has been removed from the application package, the application package is sent to document preparation and scanned into the Receipt and Handling subsystem.  The package will remain in Receipt and Handling until LINUS reconciliation occurs. 

LINUS will provide TEDS with user fee information for the application after completion of the batch reconciliation process for new applications (initial user fees) and established cases (additional user fees).  After the LINUS user fee reconciliation process, TEDS will complete the application verification steps, process the user fee information from LINUS, and send LINUS the application related data that LINUS requires.

11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

YES. EDS has a security certification and a PIA.  LINUS is completing security certification and has a completed PIA.  TE/GE is working to move LINUS functionality to some other existing system that has both a security certification and a PIA.

12.  Will other agencies provide, receive, or share data in any form with this system?

Internal Revenue Code §6104(c)(A) requires that IRS notify “the appropriate State officer” of a Denial or Failure to Establish issued to an organization that applied for recognition of exemption under §501(c)(3), or of a Termination by a §501(c)(3) organization.  To meet this requirement, on a monthly basis TEDS generates a paper list of Denials, Failures to Establish, and Terminations, which are then mailed to the respective states.  For each entity the list includes the name, address and EIN.  The states do not maintain any direct access to the TEDS database, nor is any data transmitted electronically.

Administrative Controls of Data

13.  What are the procedures for eliminating the data at the end of the retention period?
 
Information will be retained for ten years and determination information will be retained indefinitely.  (EO Administrative Case Files are included in IRM 1.15.36, Records Control Schedule for Permanent Records.) 

14.  Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. 

No, TEDS is not using technologies in ways that the IRS has not previously employed.

15.  Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.  No.

16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

Office of Foreign Asset Control (OFAC) monitoring capabilities are being added in the future as required, however, this monitoring will not be part of the business process of TEDs.

17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

The system does not make allowances for different treatment as a standard business process, however, the system does allow certain cases to be expedited (by Congressional or Executive Order or the Department Head) only if cases are approved.  Otherwise, the first and default priority for handling cases is the post-mark date.

18.  Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

Yes.  For a "negative determination" as to exemption/qualification, the applicant is notified of a proposed adverse determination and is given an opportunity to protest before any final action is taken.  Additionally, the applicant has the right to go to Appeals (or EO Technical or EP Exam for certain cases).

19.  If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

TEDS does not use persistent cookies or other tracking devices to identify web visitors.  Documentum allows users to make use of a persistent cookie if they so choose, but does not set this cookie as a default setting.  There is no password information (only SEID) retained in the cookie.  If the user chooses to use the cookie, it is stored on their computer and is protected under the user profile to prevent other users from accessing that cookie.
 


Page Last Reviewed or Updated: November 08, 2006