Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

Modernized e-File

 

Privacy Impact Assessment - Modernized e-File

Description of System:

For Release 4.0, because of the significant infrastructure changes being made for MeF, the MeF APP PIA should be read in conjunction with the STIR MSI PIA Appendix G – State Activities for a complete description of the MeF system.

MeF is the IRS’s Modernized e-filing system.  MeF currently accepts electronically filed 1120, 1120S, 7004, 990, 990-EZ, 990-PF, 1120-POL, and 8868 (Extension to file 990) tax returns and documents.  In Release 4 MeF, will be adding forms 1065 and 1065B.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, exempt organizations, and partnerships. 

Registered Transmitters transmit submission files to MeF through the following IRS portals: the Registered User Portal (RUP - Internet) Electronic Management System (EMS – existing CPE portal), both of which are included in the RUP.  All returns must adhere to the Extensible Markup Language (XML) schema definitions defined by the IRS.
 
Upon receiving a transmission file from a Transmitter through one of the portals, the MeF application validates each return against the XML schemas and business rules.  MeF rejects returns that fail a schema or business rule validation check; only returns that pass all validation checks are accepted.  After returns in transmission files processed through EMS are validated, MeF generates an acknowledgement file.  The Internet Filing Application (IFA) and RUP processed files return an acknowledgement file for each submission.

The receipts and acknowledgements are both stored in the MeF database and retrieved asynchronously directly from the MeF database by the MeF application services that correspond with the Application to Application (A2A) service requests.  Both the browser-oriented IFA retrieval of acknowledgements and the A2A retrieval of receipts and acknowledgements access the appropriate data by calling these application services.  Transmitters can also send corporate, exempt organization, and partnership state returns for participating states to MeF for pass-through to the states via A2A.  In Release 4, MeF will add State return capabilities to the IFA processing channel.

MeF continues processing accepted returns only.  Each accepted return is assigned a Document Locator Number (DLN), code and edit values are generated, and then inserted into the Modernized Tax Return Database (M-TRDB).  Accepted returns are also prepared for additional processing by downstream IRS tax systems.  The accepted returns are converted into the existing IRS proprietary Input records and forwarded to General Mainframe Framework (GMF) for Pipeline processing.

MeF outputs data to several CPE Systems as noted below.  All are one way, outbound data extract processes with no access by the public.  Extracts related to the Public Access System (PAS), Return Inventory Control System (RICS), and Business Filer Model Special Processing Load Analysis Tables Operational Data Store (BFM SPLAT ODS) are part of M-TRDB.  Hence, privacy considerations regarding those extracts fall within the scope of the M-TRDB PIA.  Extracts from Electronic Tax Administration (ETA) are part of the M-TRDB System and provide all available BMF returns processed through Modernized e-File for ETA's marketing database.  This transfer occurs on a monthly basis.

MeF Application issues identified in the previous Milestone (4A) Privacy Memo

The following issues were identified in the MeF Release 4, Milestone 4A Privacy Memo, as summarized:
• Issue:  Allowing the emailing of unencrypted SBU data [namely from the Business Objects Reporting tool transmitting business and ad-hoc reports via e-mail in an unencrypted format; that is, in clear text]
o Mitigation activities:  A Security Deviation Request is currently being drafted as a short-term resolution.  These reports are contained within the internal IRS network.  Longer-term resolutions concerning vendor plans for a SMIME solution for secure e-mailing of Business Objects Reports and ad-hoc reports are currently under review.
• Issue:  Change of “time-out” form fifteen to thirty minutes
o Mitigation activities:  MeF is not following the IRM by default.  Modification of the timeout threshold is still under discussion at this time (i.e., as of Milestone 4B).
• Issue:  “Strong Authentication” under review for A2A external web access
o Mitigation activities:  Beyond system ID and password authentication, the implementation of other forms of strong authentication in Milestone 4B are still to be determined.  At this point, one of the mitigation measures in the early stages of development for the next release, after Release 4, is to require signed SOAP requests.
• Issue:  Incorporating an Excise Tax Module
o Mitigation activities:  Determination of whether or not this functionality will be added in Milestone 4B is still to be determined.

MeF Application new functionality for Release 4

The following functionality is included in this release:
• 1065/1065B Forms support, including all schedules, forms, statements, and attachments required by law. 
o This adds e-file submission support for partnerships, so that they may submit partnership-related forms (i.e., Forms 1065 and 1065B) in the same way and through the same process as exempt organizations and corporations currently do through the MeF system. 
• Add Fed/State capabilities to the IFA processing channel; namely, the addition of State submission functionality. 
o This adds the capability for Third Party Trading Partners to submit State level forms through the IFA channel.  The format of the message for IFA is SOAP 1.1 with attachments.  Submissions are transmitted through a secure https portal.  This technology does not include the ability for States to retrieve state submissions via the IFA channel – that capability only exists through the A2A channel.  For additional information regarding the updates of IFA processing from Release 3.2 to Release 4, which includes the addition of State tax submission functionality via IFA, refer to: Internet Filing Application (IFA) User Interface Design Change Summary for Release 3.2 to Release 4, version 1.2, November 8, 2005.

Data in the System 

1. Generally describe the information to be used in the system in each of the following categories: Taxpayer, Employee, and Other.

Taxpayer:
MeF validates, collects, prepares for downstream processing, and retains taxpayer data contained on the Return Forms Series 1120, 1120S, 1120-POL,  1065, 1065B, 7004, 990, 990-EZ, 990-PF and 8868, including all schedules, forms, statements, and attachments required by law which were electronically filed via the IRS portals.  MeF also will collect State tax returns, whether filed with a Federal return or not, for transmission to the appropriate state agency; that is, MeF will make State returns available to states.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts federal and state returns filed by organizations, specifically corporations, exempt organizations, and partnerships.  MeF shall virus check the request message and check that the state participates in either the Fed/State or State Stand-Alone program.  If a state return fails this validation, it will be rejected in accordance with business rules.  In a joint Fed/State filing, if the federal return is rejected, the state return will also be rejected.  Notice of acceptance or rejection is contained in the acknowledgement which is retrieved using a separate Service Request.  If the federal return is submitted on or near the filing date and the return is rejected, the taxpayer has 20 days from the date-time stamp in the acknowledgement to refile rejected returns and 5 days to refile rejected extensions.  However, there is no such implied or expressed re-file period for a rejected state return.  Originators and State Agencies must come to agreements between themselves as to what, if any, re-filing period exists.  This data is retained on the MeF system for the current tax year only.

Transmission Files: 
MeF retains the transmission files as originally transmitted by Registered users for three years.  These files contain the original return data transmitted electronically.  The data is retained to keep a record of the return data as originally transmitted. 

Acknowledgement Files:
Since acknowledgement files contain validation results for all returns contained in transmission files, each acknowledgement file is retained along with its originating transmission file for three years.

Database:
MeF retains taxpayer data in the MeF database for the entire processing cycle (one tax year).  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, exempt organizations, and partnerships.  In addition to taxpayer data, MeF retains statistical and summary data derived from tax returns.  Some of the data, like taxpayer entity information, is retained in the database to support return validation.  For example, each return must contain a valid Employer Identification Number (EIN) and name control.  Entity data is also used to prevent duplicate filings for the same tax period.  E-Help Desk personnel, Error Resolution Tax Examiners, auditors, classifiers, customer service representatives, and managers all require access to this data to perform their duties. 

MeF collects the following types of statistical and summary data:

• Number of accepted and rejected returns sorted by District Office, Service Center, EFIN (ERO),
• Rejected transmissions by ETIN (Transmitter),
• Number of accepted returns by ETIN,
• Number of rejects by error category,
• ERO return volumes by District Office,
• Volumes of each form and schedule by return type,
• Rejects by type of Software Package,
• Daily Totals of filed returns,
• Duplicate filing rates,
• Returns filed by BOD.

Employee:
MeF does not house, collect, or store employee data.  The employees gain access to the MeF application through the Employee User Portal (EUP).  The EUP validates each employee’s login and password against the logins and passwords housed in the e-Trust, which resides on a separate infrastructure server in the EUP.  It is this server that writes all login attempts to Security Audit Analysis System (SAAS).  Upon successful login, the employee selects a MeF application from a list of applications the employee is authorized to access.  Once the employee selects the application, the employee is connected to the MeF presentation logic (resides on the web application server), which is separate and distinct from the MeF application that resides on the MeF server.

Once connected to the MeF presentation logic, all user transactions are audited and written to SAAS.  The SAAS record includes the user ID, role, and session ID, but MeF does not process or retain this data. 

Other:
Registered and confirmed Transmitters, On-Line Providers, and Large Taxpayers (hereafter all three are referred to as Transmitters), transmit e-filed tax returns to MeF via the RUP (Transmitters also transmit through the EMS.  These transmissions are then transferred to the MeF system).  In A2A, for instance, the system ID and password of the Transmitter application are used for authentication; whereas, for IFA, the user ID and password of the authorized Transmitter user are processed.  Each Transmitter is validated upon successful login.  Then the Transmitter is connected to MeF.  All registered users log in and select a personality.  The user then uploads the return file to this MeF application component.  Once connected to the MeF process, all user transactions are audited and written to SAAS.

Other Organization Taxpayer / Transmitter related data includes (refer to the Attributes of the Data section, item 4 of this PIA document for the following data element descriptions):

• Employer Identification Number (EIN)
• Document Locator Number (DLN)
• Electronic Transmitter Identification Number (ETIN)
• Electronic Filer Identification Number (EFIN)
• Global Transaction Key (GTX Key)
• Submission ID
• Message ID

A2A provides the ability for Transmitters to submit returns and documents unattended.  The techniques involved will cause remote applications, especially those belonging to Transmitters or state governments, to authenticate themselves to the Registered User Portal and transmit Web Services requests to the Portal where they will be processed by WebSphere on the MeF SOAP Web Application Server.  A major use of this feature is in the transmission of returns unattended.  Fed/State provides the ability for Transmitters and EROs to file State returns through the MeF system where they will be routed to the respective states.  New for Release 4, Transmitters will be able to transmit state returns through the original Internet Filing Application (IFA).  These will be attended transmissions as opposed to A2A which is unattended.  States can only retrieve the returns and receipts through A2A.  The states must be participating states. Transmitters who wish to participate in A2A will be required, during registration, to abide by the rules outlined in the registration process and Publication 4164 which is publicly available information.  The states are required to abide by the rules of the Memorandum of Understanding that they must sign.  The MOU will include reference to IRS Publication 4164.  The states must comply with IRS Publication 4164.

The IRS assigns each authorized Transmitter an Electronic Transmitter Identification Number (ETIN) and each authorized ERO an Electronic Filer Identification Number (EFIN).  The Transmitter inserts their ETIN into each transmission file, and the ERO inserts their EFIN into each e-filed return.  Upon receiving the transmission file, the MeF application verifies the Transmitter and ERO by matching the inserted ETIN and EFINs against the IRS official list of ETINs and EFINs, which it receives from the TPDS (See below).  If the Transmitter uses an invalid ETIN, the entire transmission file is rejected, including all returns contained within the file.  If the ERO inserts an invalid EFIN into a return, that return is rejected.

Also, MeF retains statistical and summary data derived from tax returns in the MeF database.  For example, information about the number of returns by ERO, validation results, and types of forms attached to returns are tracked and contained in the MeF system.  Preparer Tax Identification Numbers (PTINs) are included in the tax return where required, but MeF does nothing with these PTINs.  See Appendix E for more detailed information.

2. What are the sources of the information in the system?

2.a.  What IRS files and databases are used?

National Account Profile (NAP)

Taxpayer entity information such as EINs, name controls, and filing requirements are provided to MeF by the National Account Profile (NAP) system.  This data is housed in the MeF database and is used to validate entity information on the e-filed tax returns.  This data does not contain taxpayer financial data.  NAP transmits updates to MeF once each week using the EFNS/EFTU FTP Server Utility.  This data includes the following taxpayer Identification data:

• Employer Identification Number (EIN)
• Name Control
• Filing Fiscal Month
• Filing Requirement

General Mainframe Framework (GMF):

MeF checks all e-filed returns for duplicate filings.  If the return is a duplicate, it is rejected.  The rejected returns remain on the MeF system.  They are used by the E-Help Desk to help EROs understand and fix the errors.  They are removed from the system at the end of the tax year with the rest of the tax data.  Since taxpayers can file electronically and by paper, MeF requires Identification information (EIN, return type, tax period) for all paper filed returns.  GMF provides this information to MeF daily using the EFNS/EFTU FTP Server Utility.   This data includes the following taxpayer Identification data:

• Employer Identification Number (EIN)

MeF will send International returns to the Philadelphia GMF Area Locator Number (ALN).  The Philadelphia GMF ALN resides on the same Unisys in MCC as does the GMF ALN.  GMF sites were consolidated but not the ALNs.  A separate GMF runs for each ALN. Thus, MeF sends files to two GMFs.  MeF will batch international returns separately and transmit those batches to the Philadelphia (International) GMF ALN using the same EFNS/EFTU utility.  MeF will continue to send non-international corporate and TE/GE returns to the GMF ALN. 

Modernized Tax Return Database (M-TRDB):

M-TRDB is the authoritative source of all accepted tax returns electronically filed through MeF.  When an authorized internal IRS user uses MeF to request an e-filed return, MeF retrieves that return from M-TRDB.  These tax returns contain the following taxpayer Identification data: 

• Employer Identification Number (EIN),
• Taxpayer Name and Address,
• Document Locator Number (DLN),
• EINs, Names, and addresses of Subsidiary Corporations,
• Tax Return Information.

For Forms 1065 and 1065B (i.e., as part of added forms for Release 4), the following taxpayer identification data for partnerships is included in Schedule K-1:

• Partner TIN, which may include the partner’s EIN or SSN as part of a Partnership tax return.    

Among other organization IRS tax return forms, The M-TRDB will provide extracts on a weekly basis of redacted Exempt Organization form 990, 990-EZ, and 990-PF information to a server operated by the Statistics of Income Organization (SOI).  The XML formatted returns are converted into the PDF file format and included on a publicly available CD-ROM.   The IRS is required by law to provide the redacted form 990 and 990-EZ information to the public and currently accomplishes this through the use of various paper and electronic media.  Redacted information consists of the following: Return ID; Time Stamp; ISP Number; Software ID; Software Version; Multiple Software Packages Used; Originator; EFIN; Originator Type; Practitioner PIN, EFIN; PIN; PIN Entered By; Signature Option; Name Control; Phone; Taxpayer PIN; Authorized Third-Party; Preparer phone.

M-TRDB also provides extracts to the IRS Return Inventory Control System (RICS), ETA's marketing database, and SPLAT.  M-TRDB processes and privacy considerations fall within the boundaries of the M-TRDB PIA.  Refer to the M-TRDB PIA for more details concerning M-TRDB privacy posture.

Third Party Data Store (TPDS):
 
TPDS is the authoritative source of all Transmitter, Electronic Return Originator, and Software ID information.  MeF uses this data to validate authorized Transmitters and EROs.  MeF uses the Software IDs to verify that the tax returns were prepared using IRS authorized software.  This identification information is not taxpayer information and is not contained in tax returns. 

TPDS transmits this information to MeF daily, using the EFNS/EFTU FTP Server Utility.  The identification numbers for EROs and Transmitters are not Taxpayer Identification Numbers.  They are numbers assigned by the IRS to Transmitters and EROs only for the purpose of identifying them as Transmitters and EROs. 

Only registered Transmitters can transmit e-filed returns to MeF, and only returns prepared by registered EROs are accepted.

MeF:

As MeF validates and converts tax return data and generates statistical and summary data, it collects and stores it in the MeF database.  Converted tax data is also transmitted to downstream systems to be perfected (i.e., makes changes to inaccurate return data).  Downstream systems “perfect” the tax data, not MeF.

The MeF database houses taxpayer entity data, tax return data, summary data, statistical data, transmission files, and acknowledgement files (validation results).  A complete list of MeF database tables and data elements can be found in the MeF Data Model View (DMV); that is, the Data Model Modernized e-File Project, Release 4, MS 4B, Version 1.6, September 1, 2006, as well as the associated Data Model Supplement entitled, Data Model: Enumerated Data Supplement, Modernized e-File Project, Release 4, MS 4B, Version 1.6, September 19, 2006.  The DMV contains the MeF data dictionary.  The following taxpayer Identification data is housed in the MeF database:

• Taxpayer Identification Number (TIN)
o Uniquely identifies taxpayer
o For partnerships (Form 1065/1065B, Schedule K-1), returns can include partner EIN or SSN
• Subsidiary EINs
o Uniquely identifies subsidiaries
• Document Locator Numbers (DLN)
o Uniquely identifies tax return to the organization taxpayer
• Name Control
o Identifies taxpayer
• Return ID
o Uniquely identifies tax return
• Header.xml
o Contains EIN and taxpayer name and address

2.b.  What Federal Agencies are providing data for use in the system?
 
 Financial Management Service:
Only the Financial Management Service (FMS) supplies MeF with data.  FMS supplies MeF with the official list of Routing Transit Numbers (RTNs).  This list is updated as RTNs are added and deleted.  There is no update schedule; as financial institutions are added and deleted by the FMS, updates are distributed.

2.c.  What State and Local Agencies are providing data for use in the system?

In Release 4, registered Transmitters and EROs will be submitting state tax returns to be forwarded to the appropriate participating states.  The states send receipts and state acknowledgements to MeF after they pick up the state returns designated for them.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, exempt organizations, and partnerships.  

2.d.  From what other third party sources will data be collected?

External Trading Partners

The Third Party or Trading Partner community is made up of Transmitters, Electronic Return Originators (EROs), Software Developers, On-Line Providers, Large Taxpayers and Intermediate Service Providers.
 
Trusted users (Transmitters and Electronic Return Originators (ERO)) prepare and transmit tax return data to the MeF system either through the EMS or RUP portals.  EMS and the RUP forward the transmission files to the MeF application server.  All external trading partners are registered via E-Services, and authorized by, the IRS to e-file.  These transmission files contain tax return data, which include the following taxpayer Identification data:

• Employer Identification Number (EIN),
• Name and Address. 
• Some returns will contain EINs and names and addresses of subsidiary corporations, exempt organizations, and partnerships.
• For partnerships (Form 1065/1065B, Schedule K-1), returns can include partner EIN or SSN.

Software Developers develop the tax preparation software used by taxpayers or their preparers to prepare their returns.  Only e-filed returns prepared by IRS (MeF) authorized tax preparation software are accepted by the MeF system.

EROs prepare and convert e-filed returns into IRS format (XML) using the approved tax preparation software.  MeF only accepts returns prepared and converted by authorized EROs.

Transmitters batch returns prepared and converted by EROs into transmission files.  They then transmit the files to MeF.  In addition to having to be authorized by the IRS to transmit e-file returns, all Transmitters must have a valid login and password to transmit.  A2A (which was implemented previously in Release 3.2) enables remote applications, especially those belonging to Transmitters or state governments, to authenticate themselves to the Registered User Portal and transmit Web Services requests to the Portal where they will be processed by WebSphere on the MeF SOAP Web Application Server.  A major use of this feature is in the transmission of returns.  In Release 4, Fed/State functionality will be added to the IFA processing channel; whereby, a user can log in through a secure https web site and file returns to MeF.  State returns would be made available to States for retrieval.

2.e.  What information will be collected from the taxpayer/employee?
 
Taxpayer:
The MeF system collects the following taxpayer tax return and return related information.  It only accepts returns filed by organizations, specifically corporations, exempt organizations, and partnerships:

• Returns 1120 and 1120S, Corporate income tax returns, including schedules, forms, and attachments required by law or regulation.
• Information documents 990, 990-EZ, 990-PF and 1120-POL, including schedules, forms, and attachments required by law or regulation.
• Returns 1065 and 1065B, Partnership income tax returns, including schedules, forms, and attachments required by law or regulation.
• Other attachments are generic statements.  They are listed in IRS filing instructions and tax booklets. 
• Form 8868, Application for Extension of Time to File an Exempt Organization Return.
• Form 7004, Application for Automatic Extension of Time to File Corporation Income Tax Return  
• Form 8736, Application for Automatic Extension of Time to File U.S. Return for a Partnership, REMIC, or for Certain Trusts
• State corporate income tax returns for participating states whether or not the Federal corporate return is filed with it.

As part of the registration process so that an organization (i.e., exempt organization, corporation, or partnership) can file a tax return via e-file (e.g., via IFA processing), an organization assigns a Responsible Official (up to 5 individuals in the organization) or Designated Representative as the primary point of contact.  Those individuals would have to supply the following identifying information as part of the registration process in order to secure a user ID, password, and 5-digit PIN (refer to IRS e-file for Large Taxpayers Filing Their Own Corporate Income Tax Return, dated February 2006 for more information):
• Name,
• Address,
• Phone,
• SSN,
• Date of Birth,
• Adjusted Gross Income (from current or one previous tax year).

Employee:

The login process along with all login related auditable events are conducted outside MeF by the Infrastructure Employee User Portal.  MeF does audit all employee transactions as they request data from the MeF Return, Request, and Display and Reports Applications.  For each audited transaction, the employees’ user ID (SEID), TIN, IP address of message originator, event ID, date/timestamp, and payload is written to SAAS.

3.a.  How will the data collected from sources other than IRS records and the taxpayers be verified for accuracy?

The list of RTNs provided by the FMS is the only data supplied to MeF from other than IRS records or taxpayers.  FMS is an agency of the Department of Treasury and considered a trusted user, and therefore their data is assumed accurate.  MeF relies on FMS to ensure the integrity of their own data accuracy.

EROs are required by law and regulation to supply accurate tax return data to the IRS.  (See the list of regulations later in this document.)  MeF retains the original transmission file (see retention rates) so that a record of returns as submitted is maintained.

3.b.  How will data be checked for completeness?

MeF validates all tax returns against the XML schemas and business.  XML schemas are developed and maintained by the IRS to ensure data integrity and completeness of all tax return data submitted to MeF.  Each return prepared and submitted to MeF for e-filing must adhere to the schemas.  If a single data element fails the schema integrity check, the tax return is rejected.

XML schemas enforce structure and integrity upon the data.  One or more schemas exist for each form, schedule, and attachment.  All MeF e-file tax returns must be created using the schemas as a blueprint.  If the tax return does not meet the structure and data integrity rules as defined by the schemas, the MeF system rejects the return. 

The customer, Electronic Tax Administration (ETA), supplies the business rules for each return type.  MeF enforces the rules against the tax returns using a business rules engine.  Business rules enforce relationships between data and forms.  For example, a business rule might state, “If the taxpayer declares capital gains, then a schedule D must be attached to the return.”  When MeF validates returns against the business rules, if it encounters a return that declares a capital gain without an attached Schedule D, the tax return is rejected.  The rejected returns remain on the MeF system.  They are used by the e-Help Desk while helping preparers and EROs understand and fix the errors.  They are removed from the system at the end of the tax year with the rest of the tax data.

State returns received through MeF are validated against the NAP as a service to the states.  MeF acts as a pass through to the participating States.

3.c.  Is the data current?  How do you know?

Schemas enforce format and content restrictions on all data elements, on all forms and schedules.  New schemas are issued each year to reflect the current year’s tax returns.  If a single data element fails the schema check, the return is rejected.

Business rules enforce relationships between data and between forms and schedules.  A new set of business rules are issued along with each new set of schemas.  If a tax return fails to validate against a business rule, the return is rejected. 

FMS supplies MeF with the official list of Routing Transit Numbers (RTNs).  This list is updated as RTNs are added and deleted.  There is no update schedule; as financial institutions are added and deleted by the FMS, updates are distributed.
Taxpayer entity information such as EINs, name controls, and filing requirements are provided to MeF by the National Account Profile (NAP) system.  This data is housed in the MeF database and is used to validate entity information on the e-filed tax returns.  This data does not contain taxpayer financial data.  NAP transmits updates to MeF once each week using the EFNS/EFTU FTP Server Utility. 

Taxpayer entity information such as EINs, name controls, and filing requirements are provided to MeF by the National Account Profile (NAP) system.  This data is housed in the MeF database and is used to validate entity information on the e-filed tax returns.  This data does not contain taxpayer financial data.  NAP transmits updates to MeF once each week using the EFNS/EFTU FTP Server Utility. 

Finally, each tax return must include the correct tax period and tax year.  If the tax period and year fail to validate against the business rule, it is rejected. 

4.  Are the data elements described in detail and documented?  If yes, what is the name of the document?

Yes.  All MeF data elements are documented in the MeF Release 4 Data Model Version. 

Access to the Data

1.  Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

To access the MeF system, all employees must submit a Form 5081.  The employee's manager must approve the Form 5081.  The Form 5081 describes the employee's responsibilities accessing, handling, and disclosing data retrieved from the system.  The Form 5081 procedures describe circumstances under which employees may share data with other individuals (management approval), including requests from other employees and Auditors from TIGTA.  The employee signs the Form 5081 indicating s/he has read the security rules and agrees to abide by them.  A Manager approves the employee’s Form 5081 request before access to the system is granted.  There are no contractors working the e-Help Desk.

IRS e-Help Desk Personnel:

e-Help Desk personnel provide support to Transmitters and EROs.  Usually, this help is in the form of explaining errors that resulted in rejected returns and transmissions.  e-Help Desk personnel can view transmission, ERO, tax return, and validation results (acknowledgements).  e-Help Desk Personnel cannot change data.

IRS Error Resolution Tax Examiners:

ERS Tax Examiners correct errors identified by downstream processing systems like GMF.  As an aid to correcting the problem, the tax examiner accesses the MeF system to look at the tax return.  The tax examiner cannot modify the MeF return.  All corrections must be entered into the Error Resolution System.  These tax examiners can view accepted returns and perfected data only.  No consolidated, summary, acknowledgement, Transmitter, or ERO data is accessible by them.

IRS Auditors:

Tax Return Auditors can view returns they are auditing (if they were e-filed through MeF).  However, the auditor cannot make changes to the return through MeF.  IRS auditors can view accepted returns and perfected data.  All rules concerning access are observed and enforced by the employee’s immediate supervisor not software or applications.

IRS Classifiers:

IRS Classifiers use MeF to view accepted tax returns and perfected data only.  They cannot modify the tax return through MeF.  A classifier decides whether or not a return should go to audit.  No specific returns are assigned to the classifier; they look at a broad range of returns which is part of their duties.  All rules concerning access are observed and enforced by the employee’s immediate supervisor, not software or applications.

IRS Customer Service Representatives (CSR):

Customer Service Representatives can view accepted tax returns and validation results.  CSRs handle taxpayer inquiries that come in by phone over the 800 numbers.  Sometimes those inquiries require the CSR to look at the validation results of taxpayer’s tax return.  MeF is just one tool among many that the CSR uses to respond to taxpayer questions. 

IRS Managers:

Managers of the above types of employees have the same level of access to data as their employees.  Managers can also access MeF report data.  As previously stated, there is no employee information on MeF.  However, sometimes these managers have to look at the data their employees are looking at.  Like all employees, managers must prepare and submit Form 5081 to access this data.  Like all other employees, the Form 5081 must be approved by their supervisors and the security officer.

Transmitters:

Transmitters (external users) are registered with the IRS and authorized to transmit return files to MeF and retrieve acknowledgement files from MeF.  They log in and retrieve (pick up) the acknowledgements; acknowledgements are never systematically forwarded to them.  (See section 5a for a detailed explanation of how these users log in, how they transmit, and what system they retrieve acknowledgements from.)

Transmitters can also use A2A. The techniques involved will cause remote applications belonging to Transmitters to authenticate themselves to the Registered User Portal and transmit Web Services requests to the Portal where they will be processed by WebSphere on the MeF SOAP Web Application Server.  A major use of this feature is in the transmission of returns and retrieval of acknowledgements. 

System Administrators:

System Administrators will have access to MeF to perform scheduled maintenance and other regular administrator duties.  System administrators have root access to the MeF system.  Accesses to the MeF system, along with each system command executed by the administrator are auditable events.  These events are stored in audit files and reviewed by the security officer for any unauthorized activities.  Unique logins for each system administrator ensures that all audited events can be traced back to their source. These administrators could be contractors.  All contractors are required to have a full background investigation.  Once they have passed their background investigation, they will follow the same security procedures as an IRS employee system administrator.  These procedures are contained in IRM 25.10.5., and 25.10.9.

Database Administrators:

Database Administrators will have access to MeF to perform regular database maintenance duties.  Database administrators have access to the data that resides in the MeF database.  No tax return related data, including summary and statistical data derived from the tax return data, is allowed to be modified.  Access to MeF data by the database administrator, and all other users, are auditable events.  These events are stored in audit files and reviewed weekly by the security officer for unauthorized access to data.  Each database administrator has a unique login and password so that all audited events can be traced back to the source.  These administrators could be contractors.  All contractors are required to have a full background investigation.  Once they have passed their background investigation, they will follow the same security procedures as an IRS employee system administrator.  These procedures are contained in IRM 25.10.5., and 25.10.9.

End Users (i.e., within exempt organizations, corporations, and partnerships):

As part of the registration process so that an organization (i.e., exempt organization, corporation, or partnership) can file a tax return via e-file (e.g., via IFA processing), an organization assigns a Responsible Official (up to 5 individuals in the organization) or Designated Representative as the primary point of contact.  The following descriptions provide a background for those types of users.  Refer to IRS e-file for Large Taxpayers Filing Their Own Corporate Income Tax Return, dated February 2006 for more information.

Responsible Official:  This is an individual with responsibility for and authority over the e-file operation of an organization (exempt organization, corporation, partnership).  This individual also is the first point of contact with the IRS and has the authority to create, revise and sign your e-file Application.  An individual who is responsible for ensuring that your corporation adheres to the provisions of all publications and notices governing IRS e-file.  (If one individual cannot fulfill these responsibilities, up to four additional Responsible Officials may be identified [for a total of five]).  An individual who is a U.S. citizen or legal resident alien (lawful permanent resident), and have attained the age of 21 as of the date of the application Note: The Responsible Official is not required to be a Corporate Officer or a Principal of the Firm.  The following information is needed for each Responsible Official who is to be added to the organization’s e-file Application as part of registration: Name, Social Security Number, Title, Date of Birth, Position Title, and e-mail Address.

Delegated User:  This is an individual within your firm/organization, other than a Responsible Official, who is an employee, partner, or other member of the firm/organization (exempt organization, corporation, partnership) or who has a business relationship with the firm/organization.  The information needed for each Delegated Users added to an organization’s e-file Application includes: Name, Social Security Number, Title, and e-mail Address. 
The organization will determine what “authorities” the Responsible Official(s) and Delegated User(s) can have.  The Responsible Official that creates the organization’s e-file Application can authorize any or all of the following permissions for either Responsible Officials or Delegated Users: View the organization’s e-file Application Information, Update the corporation’s e-file Application Information, Sign and Submit the organization’s revised e-file Application, Add, delete or change Responsible Officials, and Be designated as the organization’s Internet Transmitter.

2.  How is access to the data by a user determined? 

Access is controlled using Role Based Access Control (RBAC) process.  Electronic Tax Administration (ETA) has defined the end users’ roles with the Business Operating Divisions (BODs), Large & Mid-Size Business (LMSB), Small Business/Self Employed (SB/SE) and Tax Exempt & Government Entities (TE/GE).  BODs are responsible for determining which employees are assigned to which role(s).  Infrastructure system administrators set up user access controls.  This includes setting up the relationships between users and roles.  Security Administrators will audit all users’ activities within the infrastructure and MeF.  The System Administrators’ managers, the Security Officers, and the MeF Project Officer monitor the administrators’ access and activities.  The level of access granted is based on job functions, level of responsibility, “need-to-know” and separation of duties.

In addition to the above access procedures, all employees must submit a Form 5081 to access the MeF system.  The employee's manager must approve the Form 5081.  The Form 5081 describes the employee's responsibilities accessing, handling, and disclosing data retrieved from the system.  The Form 5081 provides procedures and consequences for unauthorized disclosure of tax returns or return information.  The employee signs the Form 5081 indicating s/he has read the security rules and agrees to abide by them.

Outside contractors can be hired to perform system administrator duties for MeF and the underlying Infrastructure components.  All contractors are required to have a full background investigation / high risk level.  Once they have passed their background investigation, they will follow the same security procedures as an IRS employee system administrator.  These procedures are contained in IRM 25.10.5., and 25.10.9.

Only authorized registered external trading partners can transmit return files to MeF and, along with participating States, retrieve their acknowledgements (validation results).  External trading partners access the MeF application via the Internet (RUP) or EMS.  All Transmitters and participating states will be required to complete the new e-Services IRS e-file Application and pass suitability checks.  By law and regulation, all e-filers and states must abide by the same disclosure rules (See Section 5b for the list of regulations and procedures that apply).  To register, all Responsible Official(s) and Delegated User(s) within an organization (i.e., exempt organization, corporation, partnership) who will be responsible for e-filing corporate returns and/or creating or maintaining corporate e-file Applications will need to individually register with e-Services. The following identifying information is needed to register: Name, Address, Phone, SSN, Date of Birth, and Adjusted Gross Income (from current or one previous tax year).  Directions are then provided on how a user should construct a robust Username, Password, and five-digit Personal Identification Number (PIN) which will represent his/her electronic signature.  The PIN is used by the Responsible Official(s) and Delegated User(s) of a Transmitter to sign the organization’s e-file Application.  After successful registration online, the IRS will mail a confirmation number to the official address of record.  That user will have 28 days from the initial registration to access e-Services and input the confirmation number to successfully complete your registration.  E-Services passwords expire every six (6) months as a security precaution. Users receive screen notices within 15 days of expiration and an e-mail within 10 days of expiration.

2. a. Are criteria, procedures, controls, and responsibilities regarding access documented?

Yes.  Access procedures are documented with the On-Line Form 5081 process.  Roles and procedures for assigning roles are defined in the MeF roles document.  Publication 4164, Modernized e-File Guide for Software Developers and Transmitters, contains system access procedures for external trading partners. 

All employees must submit an OL (Online) Form 5081, Information Systems User Registration/Change Request to access the MeF system.  The employee's manager must approve the Form 5081.  The Form 5081 describes the employee's responsibilities accessing, handling, and disclosing data retrieved from the system.  The Form 5081 procedures describe circumstances under which employees may share data with other individuals (management approval), including requests from other employees and auditors from TIGTA.  The employee signs the Form 5081 indicating s/he has read the security rules and agrees to abide by them.

All entities who wish to play the role of Transmitters must complete an IRS e-file Application.  Most applicants must undergo a suitability check.  Applicants who pass suitability are assigned ETINs, and then are allowed to transmit.  All Transmitters agree to abide by all rules and regulations governing Transmitters when they sign the IRS e-file Application.  (See section 5b for a list of regulations and procedures that apply).  Participating states must follow the same the IRS e-file Application procedures.

3.  Will users have access to all data on the system or will the user's access be restricted?  Explain.

User access will be restricted.  All user access is role based.  For example, Transmitters will only be able to transmit return files to MeF and pick up the validation results contained in the acknowledgement files.  Error Resolution Tax Examiners will only have access to accepted returns.  E-Help Desk personnel can access accepted and rejected tax returns along with their validation results.  System Administrators have access to the underlying system resources.  Their access to these resources is restricted based on their duties.  End users (i.e., Responsible Officials and Designated Users of an organization/transmitter) will have the ability to access the IRS account of their respective organization through, for example, A2A (direct application data processing of an organization’s tax returns) or IFA (individual submission of an organization’s tax returns as authorized).

4.  What controls are in place to prevent the misuse (e.g. browsing) of data by those having access?

All user transactions within the EUP and RUP are audited and written to SAAS.  The employee’s user ID (SEID), TIN, IP address of message originator, event ID, date/timestamp, and payload data are written to the SAAS log.  Requirements are being developed to create reports that will be issued to managers weekly and quarterly that identify employees who have potentially accessed taxpayer data inappropriately.

5.a   Do other systems share data or have access to data in this system?  If yes, explain.

Yes.

• Electronic Management System (EMS)

Transmitters can also transmit return files and retrieve acknowledgements through EMS.  EMS is the existing IRS portal for electronic filing.  EMS handles all non-Internet access from the outside (T-1s, ISDN, dial-up).  EMS also authenticates and authorizes Transmitters prior to allowing them access.  EMS forwards the transmission file to the MeF server if it passes validation. 

• TPDS (e-Services)

The e-Services TPDS provides MeF with daily extracts of ETIN, EFIN, and Software ID information.  No SSNs or EINs are included in this data.  MeF uses this information to validate Transmitters, EROs, and approved software tax preparation packages.  A PTIN is a preparer Identification number; and that data is not included in this information.

• General Mainframe Framework (GMF)

GMF is the entry system to pipeline processing.  Both electronic and paper returns are input to GMF.  MeF converts all accepted returns into GMF format then forwards them to GMF.

MeF receives 1120, 990, and 1065/1065B paper filer EINs from GMF.  MeF uses these EINs to detect duplicate filings.  All duplicate returns are rejected.  Duplicate returns are rejected the same way returns that fail any other business rule are rejected.  Rejected returns are not processed through the system.  They remain on the MeF system with the other transmissions, returns, and database.  See Maintenance of Administrative Controls for retention periods.

MeF will send International returns to the Philadelphia GMF ALN.  The Philadelphia GMF application resides on the same Unisys in MCC as the GMF application MeF currently (release 1) sends returns to.  MeF will batch international returns separately and transmit those batches to the Philadelphia (International) GMF ALN using the same EFNS/EFTU utility.  MeF will continue to send all other type returns to the GMF ALN it uses in release 1.

• IDRS – End-of-Day (EOD)

MeF sends all subsidiary corporations and tax-exempt organizations subsidiaries’ EINs included on consolidated returns to EOD.  EOD uses the EINs to satisfy subsidiaries’ filing requirements and transfer any credits to parent corporation.
End-of-Day records for form 8873 (990 TEGE) will be created batched and forwarded to IDRS.  No change to the existing interface to IDRS and EOD record layouts are required

• Electronic Federal Tax Processing System (EFTPS)

MeF sends debit payment information to EFTPS.  EFTPS is an IRS system that processes payment vouchers and credits taxpayer accounts for payments made.  Taxpayers can choose to have the IRS perform an electronic transfer of funds to satisfy outstanding balances.  If a taxpayer chooses this option, MeF forwards entity and account information to EFTPS.

The debit payment information consists of the following:
o EIN,
o Name Control,
o Name,
o Address,
o Bank Account Number,
o Routing Transit Number,
o Transaction Amount (debit),
o Payment Date,
o Tax Period,
o Type of Account,
o Tax Type,
o Taxpayer's Daytime Phone Number.

• Electronic Tax Administration Report Administration System (ETARAS)

ETARAS reports summary and detailed information on electronic filing to IRS management.  MeF forwards summary and detailed tax information to ETARAS.
(ETARAS is provided the same summary and statistical information described above in the Data-in-the-System Section.)

• Modernized Tax Return Database (M-TRDB)

MeF inserts each accepted return (passes MeF validation) into M-TRDB, the authoritative source of MeF e-filed tax return data. 

• National Account Profile (NAP)

The NAP contains entity information and filing requirements for taxpayers.  (The NAP data contains the taxpayer’s EIN, name control, and tax return filing requirements).  NAP provides MeF with a weekly update of 1120 and 990 entity information.  This information is used to validate taxpayer entity information on each tax return transmitted to MeF.

• Participating State Agencies

The MeF System provides a single point of transmission and retrieval (i.e., pass-through) for all state submissions and acknowledgements.  The MeF system shall accept stand-alone organization (i.e., exempt organization, corporation, partnership) state returns, as well as organization state returns linked to a Federal tax return.  The MeF System shall reject a state submission if it cannot identify the state, or the state is not a participant, or the federal return is rejected and the state return is attached to this federal return.  In a joint Fed/State filing, if federal return is rejected, state return will be rejected.  MeF application services will send files to external systems as part of a response to an authorized request from that system.

The State Submission Manager component is responsible for processing all state submissions. It determines if a state submission should be made available to the targeted state and, if so, makes the submission available to the state for pick up. It is responsible for making copies of an IRS EO submission for the state(s), and is responsible for retrieving state submissions for a specified state. The State Submission Manager invokes services provided by other components to fulfill its responsibilities. It invokes the State Submission Validation component to determine if the submission should be made available to the state, and the State Copy Processing component to make copies of an IRS EO submission

The Submission Storage component is responsible for saving a submission in a database. It takes a submission as input, creates a TOC (Table of Contents) and a document index for documents in the submission, and saves the submission, the TOC, and the document index in the database. It provides two interfaces for saving a submission: one to save a Federal submission in M-TRDB and another to save a submission in the MeF database. The Submission Storage component is invoked by the IRS Submission Manager component to save a submission.  See Appendix G for more information.

High level information regarding the agreement between the IRS and participating states can be located in Memorandum of Understanding (MOU) for the 1120 Federal/State Electronic Filing Program.  For more specific details defining the IRS and participating states operational requirements, refer to the Modernized eFile Interconnection Security Agreement (ISA) with Third Party Transmitters and Participating States (TPT-PS), version 3.1, August 18, 2006.

All IRS systems that share data with MeF have the following PIA and C&A status:
• NAP:  PIA approved on 5/3/2006, expiring 5/3/2009.  A C&A date was not available in the Mission Assurance Master Inventory.
• TPDS:  PIA currently in development.  C&A currently in development.
• M-TRDB:  PIA approved on 9/2/2003, expiring 9/2/2006 (PIA may be currently in the development phase as part of Release 4).  C&A approved on 7/1/2004, expiring 7/1/2007.
• RICS:  PIA approved on 5/1/2006, expiring 5/1/2006.  C&A approved on 7/15/2006, expiring on 7/15/2009
• ETA (ETA-RAS) ETARAS:  PIA approved on 5/23/2006, expiring 5/23/2009.  An approved C&A is included in the GSS
• GMF:  PIA approved on 8/31/2004, expiring 8/31/2007.  A C&A date was not available in the Mission Assurance Master Inventory.
• EMS:  PIA approved on 12/5/2005, expiring 12/5/2008.  C&A approved on 12/16/2004, expiring 12/16/2007.
• IDRS:  PIA approved on 3/23/2006, expiring 3/23/2009.  C&A approved on 7/1/2004, expiring on 7/1/2007.
• EFTPS:  PIA approved on 4/26/06, expiring 4/26/2009.  C&A approved on 12/23/2004, expiring 12/23/2007 (FYI: EFTPS is currently undergoing a streamlined C&A.).
• BFM SPLAT ODS:  Not available in the Office of Privacy PIA Inventory nor the Mission Assurance Master Inventory.

5.b.  Who will be responsible for protecting the privacy rights of the taxpayers and employees affected by the interface?

●   Transmitters are required by law to protect the privacy rights of taxpayers.    Revenue Procedure 2000-31 covers the responsibilities and requirements for all e-file providers.  Transmitters who wish to participate in A2A will be required, during registration, to a abide by the rules outlined in the registration process and Publication 4164

• A tax return preparer is subject to a criminal penalty for unauthorized disclosure or use of tax return information.  See Section 7216 of the Internal Revenue Code and section 301.7216-1(b) of the regulations.

• Section 6713 of the Internal Revenue Code establishes civil penalties for unauthorized disclosure or use of tax return information.

• Section 301.7701-15 and Revenue Ruling 85-189 establish penalties for EROs, Intermediate Service Providers, Transmitters, and products of a software developer that alters the return information.

• In addition to the above specified provisions, the Service reserves the right to assert all appropriate preparer, non-preparer, and disclosure penalties against an Authorized IRS e-file Provider.

• The states are required to abide by the rules of the Memorandum of Understanding that they will sign.  The MOU will include reference to IRS Publication 4164.  The states must comply with IRS Publication 4164, Modernized e-File Guide for Software Developers and Transmitters and the Infrastructure Shared Services Interconnection Security Agreement with Modernized e-File (MeF) (Document No. PRIME-ISS-DOC-ISA-MEF) to help ensure security and privacy of taxpayer data.

Employee data is not collected and stored on the MeF system directly and therefore there is no potential for disclosure of employee information. 

6.a.  Will other agencies share data or have access to data in this system (International, Federal, State, Local, & Other)?

FMS provides data to MeF.  MeF does not share data with FMS or allow FMS to access MeF data.  As stated previously, the MeF System shall provide a single point of transmission and retrieval for all participating State submissions and acknowledgements. 

6.b.  How will the data be used by the agency?

The state returns submitted through MeF will be used to meet the filing requirements of the participating states.

6.c. Who is responsible for assuring proper use of the data?

The participating states will be responsible.  MeF does not store or act on the state returns in any manner.   MeF acts only as a pass through of the state returns from the transmitter to the state.

6.d. How will the system ensure that agencies only get the information they are entitled to under IRC 6103?

A Memorandum of Understanding (MOU) between registered states and the IRS to allow the retrieval of state returns has been prepared and must be signed by the states.  An Interconnection Security Agreement (ISA) is also provided and offers more in-depth details defining operational requirements and security measures.  These documents along with the related Publication 4164 govern the data to be submitted and the following of the Disclosure rules.  Further, the IRS is only acting as a pass through for the state returns.  This is the same information they would have received if the transmitter sent the returns directly to the states.  No other additional information is sent to the states.

Attributes of the Data

1.  Is the use of the data both relevant and necessary to the purpose for which the system is being designed?

Yes.  The data elements in the system are directly related to the IRS tax administration of the tax forms required for each tax year for exempt organizations, corporations, and partnerships.

2.a. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

Taxpayer:  Statistical information is derived from the aggregation of the data received.  No individual information is currently processed for aggregation by MeF.  It is important to note that MeF, through Release 4, does not accept any individual returns. 

Employee:  No.  MeF does not capture employee data.

2.b. Will the new data be placed in the individual’s record (taxpayer or employee)?

Taxpayer:  No.  Statistical and summary data are derived and aggregated from taxpayer data and cannot be traced back to the originating taxpayers.  It only accepts returns filed by organizations, specifically corporations, partnerships and exempt organizations.

Employee:  No.  MeF does not collect or store employee data, and MeF does not update any employee records.

2.c. Can the system make determinations about taxpayers or employees that would not be possible without the new data?

Taxpayer:  No.  Statistical and summary data are derived and aggregated from taxpayer data cannot be traced back to the originating taxpayers.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, partnerships and exempt organizations.

Employee:  No.  No employee data is captured on the MeF system.

2.d. How will the data be verified for relevance and accuracy?

All consolidated data (statistical and summary) is aggregated from received taxpayer data, which has undergone validation against tax year schemas and business rules.

3.a If the data is being consolidated, what controls are in place to protect the data and prevent unauthorized access?  Explain.

Role Based Access controls user access to data.  Role Based Access is described previously in this document.  Only those users assigned roles that allow access to consolidated data can access it.  There is no special set of users that access consolidated data (statistical and summary).  If a manager authorizes a user to access this data, and the user has an approved Form 5081, the appropriate roles are assigned to the user so s/he can access this data.  End users of an organization (e.g., Responsible Officials and Delegated Users) may only access the organization’s account as assigned by their organization and as approved by the IRS.

3.b If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access?  Explain.

No existing processes are being consolidated.  State returns are received in an encrypted format which is unopened by MeF and forwarded to the states in the same condition as received.  MeF just needs to read the State that the return applies to and the originator of the return.  Since MeF does not open or store these returns in any way, there is no capability in the MeF system to access this information.  Upon receipt, the states are responsible for preventing unauthorized access.

4. How will the data be retrieved? Can it be retrieved by personal identifier? If yes, explain.

Yes, authorized employees can retrieve and view tax return data using the MeF system’s Return, Request, and Display feature.  Role Based Access determines level of access to data.  E-Help Desk personnel, Error Resolution Tax Examiners, auditors, and customer service representatives must all be able to retrieve individual returns.  All requests for data, and responses, are audited and written to SAAS. 

The following personal identifiers are used to retrieve data:

• Employer Identification Number (EIN):  The EIN is a unique taxpayer Identification number for businesses that can be used to retrieve tax returns of specific taxpayers.

• Document Locator Number (DLN):  A DLN is assigned to each tax return accepted by the MeF system.  Each DLN uniquely identifies each tax return of an organization taxpayer.  The DLN is used to retrieve a specific tax return for specific taxpayers.

• Electronic Transmitter Identification Number (ETIN):  An ETIN uniquely identifies each Transmitter.  Taxpayer data transmitted by a particular Transmitter can be accessed indirectly by querying on that Transmitter’s ETIN.

• Electronic Filer Identification Number (EFIN):  An EFIN is a number that uniquely identifies each ERO.  Taxpayer data prepared by a particular ERO can be accessed indirectly by querying on that ERO’s EFIN.

• Global Transaction Key (GTX Key):  A GTX Key is a number generated that uniquely identifies each transmission and its acknowledgement.  User can view validation results and tax data contained in an acknowledgement file and transmission file by querying on GTX key.  (e-Help Desk personnel and customer service representatives can view acknowledgements.  e-Help Desk personnel can view transmission files.  Once again this is role based.)
 
• Submission ID:  Submission ID is a number generated by ERO that uniquely identifies tax return.  e-Help Desk personnel will be able to query using the Submission ID.,

• Message ID:  A Message ID is a number generated by a Transmitter that uniquely identifies a transmission file.  e-Help Desk personnel can access tax return data contained in a transmission file by querying on Message ID.

5. What are the potential effects on the due process rights of taxpayers and employees of:

a. Consolidation and linkage of files and systems;

Taxpayer:  Each return submitted is validated against the schemas and business rules for that return type.  If a return fails validation, it is rejected and the taxpayer must make the necessary changes and resubmit the return.  If the return passes validation, it is accepted and processed through the Pipeline.  Tax data is then, converted and shared with other IRS tax processing systems.  The data is converted into IRS proprietary formats and is then forwarded to the appropriate downstream systems.  It only accepts returns filed by organizations, specifically corporations, partnerships and exempt organizations.  Individual tax returns are not filed through MeF.  Any individual information derived from IRS Forms (e.g., Form 1065, Schedule K-1) or through the e-File registration process (i.e., for an organization’s Responsible Officials or Delegated Users) is not consolidated or used for any intention beyond the stated business purpose of the MeF system.

Employee: Although MeF does not store employee data, it depends on the Infrastructure e-Trust and integrity of the login process for accurately identifying users who access the system.

b. Derivation of data;

Taxpayer:  None.   

Employee:  MeF does not derive any consolidated employee data.

c. Accelerated information processing and decision making;

Taxpayer:  None.

Employee:  None.

d. Use of new technologies;

Transmitters and EROs will be able to use the Internet to file their corporate taxpayer, exempt organization, and partnership clients’ tax returns through the IFA channel. 

How are the effects to be mitigated?

Transmission files containing the original tax return data as transmitted to MeF (IRS) is retained on the MeF system for the retention periods stated in Maintenance of Administrative Controls, item 2a of this PIA document.  Retaining this data gives the taxpayer an opportunity to challenge and to correct taxpayer data collected by MeF and converted with downstream systems.

Maintenance of Administrative Controls

1.a.  Explain how the system and its use will ensure equitable treatment of taxpayers and employees.

No taxpayer or group of taxpayers is treated differently from any other taxpayer of group of taxpayers.  All tax returns must adhere to the same standardized and published XML schemas and business rules for the same return type.  Schemas validate data element formats and ranges on all forms and schedules.  Business rules enforce relationships between data, forms, and schedules.  All returns must adhere to the same rules.  There are no exceptions.

No employee or group of employees is treated differently by the system than any other employee or group of employee.  All employees must have a user ID (SEID), a password, and an assigned role.  All employee transactions are audited and written to the SAAS.  There are no exceptions.

1.b. If the system is operated in more than one site, how will consistent use of the system be maintained at all sites?

The MeF system operates at only one site. 

1.c. Explain any possibility of disparate treatment of individuals or groups.

Because of the processes described above in item 1a, there is no disparate treatment of individuals or groups.  The MeF system is used for the collection of the tax returns regardless of whose return it is.  The system does not have the ability to discern differences between taxpayers.

2.a. What are the retention periods of data in this system?

Retentions periods for the following data apply: (Review IRM)

Transmission Files: 
Retention Period:  3 years.
Authorizing Source:  IRM 1.15.3, General Records Schedule 20
MeF System Requirements Report
Acknowledgement Files:
Retention Period:  3 years.
Authorizing Source:  IRM 1.15.3, General Records Schedule 20
MeF System Requirements Report
Database:
Retention Period:  3 years.
Authorizing Source:  IRM 1.15.3, General Records Schedule 20
MeF System Requirements Report

2.b. What are the procedures for eliminating the data at the end of the retention period?  Where are the procedures documented?

At the end of the retention period, data will be purged from the MeF system according to standard IRS procedures – IRM 25.10.1.6.4.6 (01-01-2002).

Purge requirements are documented in the MeF Use Cases.   Purge procedures are included in the System Administrator manual, Trusted Facility Manual, and Technical Contingency Planning Document. 

Two RISs have been issued to define the report requirements and there is a group working the issue.  (The RIS numbers are RIS BSM-3-0005A00 and BSM-3-000600.  This issue impacts MeF, but it is a modernization-wide issue and is being worked at that level.  These reports must be developed for all modernization applications, not just for MeF.  These are not MeF reports.  High-level requirements have been defined; however, Modernization has not yet determined when these reports will be developed and made available to management. 

2.c. While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

New schemas and business rules are issued for each new tax period.  Each transmitted tax return must conform to the schemas and business rules or the system will reject it.  Each tax return must contain the tax year and tax period in the data.  If the tax year and tax period declared in the data does not match the tax year and tax period in the business rules the return is also rejected.   No user or system can modify tax return information that resides on the MeF system.  ERS does not modify MeF data.  ERS personnel modify tax returns that come from MeF, but those changes are fed into M-TRDB, not MeF.  (The ERS relationship with M-TRDB would be addressed in the M-TRDB PIA.)

All data received from other IRS systems for the purposes of validating tax returns is updated on a daily or weekly basis, depending on the type of data. 

3.a Is the system using technologies in ways that the IRS has not previously employed (e.g. Caller-ID)?

Yes.  IRS will allow corporations, partnerships, and Exempt Organizations to e-file their tax returns and information documents through Transmitters over the Internet.  The infrastructure Registered User Portal RUP is used for this.  As part of Release 4, the IFA channel will be available to support these submissions for Federal and State Organization/Transmitter tax returns.

3.b How does the use of this technology affect taxpayer/employee privacy?

IRS infrastructure and application architects have implemented safeguards to assist in protecting information:  firewalls defend against network attacks, encryption protects data from unauthorized viewing, https for the IFA channel provides a secure web site for e-filed tax return submissions, virus software scans data for potential virus and worm attacks, logins and passwords enforce user authorization, role-based access restricts access to data to authentic users, and audit trails record all user transactions.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, partnerships and exempt organizations.

4.a Will this system provide the capability to identify, locate, and monitor individuals?  If yes, explain.

No.  MeF is not designed to identify, track, locate, or monitor individuals and will not be used for any identification purposes.  MeF is designed to process e-filed tax returns for organizations.  It is important to note that MeF, through Release 4, does not accept any individual returns.  It only accepts returns filed by organizations, specifically corporations, partnerships and exempt organizations.

4.b.  Will this system provide the capability to identify, locate, and monitor groups of
        people?  If yes, explain.

No.  MeF is not designed to identify, locate, and monitor groups of people.  However, since the Infrastructure assigns roles to users, any concerns or background information from the Infrastructure level would fall within the scope of the M-TRDB system (see the M-TRDB PIA for more information regarding infrastructure level controls).

4.c.  What controls will be used to prevent unauthorized monitoring?

MeF does not monitor individuals or groups of individuals; however, audit trail data is collected in SAAS.  Managers cannot request to monitor individuals or groups of individuals without probable cause.  Procedures are being developed for this process.  The IRS has issued two RIS’s to define reports and procedures and work is ongoing.  The RIS numbers noted in the Maintenance of Administrative Controls section, item 2b of this PIA document provide a reference to that background information.  This requirement is being satisfied at the program level. 
See Appendix H for more details.

5.a  Under which Systems of Record Notice (SORN) does the system operate?  Provide number and name.

MeF operates under the following System of Records Notices:

• Treasury-IRS 22.062 Electronic Filing Records
• IRS 50.001 – Employee Plans and Exempt Organizations Correspondence Control Records
• Treasury-IRS 34.037 IRS Audit Trail and Security Records
• IRS 24.046-CADE Business Master File (BMF) (Formerly: Business Master File (BMF)).

5.b. If the system is being modified, will the SORN require amendment or revision?
Explain

This is the Privacy Impact Assessment for Release 4.  Per discussion with the Disclosure Analyst, the SORN does not need to be modified.  With each future release, the MeF Project Office will coordinate with the Privacy Advocate’s office to update the Privacy Impact Assessment and System of Records Notice. 
 


Page Last Reviewed or Updated: April 16, 2007