Accessibility Skip to Top Navigation Skip to Main Content Home  |  Change Text Size  |  Contact IRS  |  About IRS  |  Site Map  |  Español  |  Help  
magnifying glass
Advanced Search   Search Tips

e-Postcard Front-end Application Privacy Impact Assessment

 

PIA Approval Date: September 20, 2007

System Overview:

With the passage of the Pension Projection Act of 2006, exempt organizations with gross receipts of less than $25,000 are required to begin electronically filing a notification in TY2007/PY2008.  Failure to file for 3 consecutive years, for any exempt organization, will revoke the organization's exempt status.  The e-Postcard Initiative project seeks to implement the legislation's new filing requirements by enabling:
 
The electronic submission of an annual notification for exempt organizations with gross receipts of less than $25,000 in TY2007/PY2008.  The notification shall include the following data elements:  legal name, d/b/a name, mailing address, internet address, EIN, name of principal officer, address of principal officer, evidence of continuing basis, Tax Year Begin Date, Tax Year End Date, Termination Notice.  The public disclosure of the e-Postcard data.

System of Records Number(s) (SORN) #: 
(MUST BE COORDINATED with Office of Disclosure)


Data in the System

  1. Describe the information (data elements and fields) available in the system in the following categories:

    1. Taxpayer:
      1. Exempt organization's legal name,
      2. d/b/a (doing business as) name,
      3. mailing address,
      4. internet address,
      5. EIN (Employer Identification Number),
      6. Exempt organization's principal officer name,
      7. address of principal officer,
      8. evidence of continuing basis,
      9. Tax Year Begin Date,
      10. Tax Year End Date,
      11. Termination Notice.

    2. Employee Information - None

    3. Audit Trail Information (including employee log-in info) - Undefined in MS1. To be defined in MS 2/3.

    4. Other (Describe)- None

  2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.

    All information will be obtained electronic.  Taxpayer information will be received in electronic form. It will consist of the following data elements:

    1. IRS - IRS Undefined in MS1. To be defined in MS 2/3.

    2. Taxpayer:
      1. Exempt organization's legal name,
      2. d/b/a (doing business as) name,
      3. mailing address,
      4. internet address,
      5. EIN (Employer Identification Number),
      6. Exempt organization’s principal officer name,
      7. address of principal officer,
      8. evidence of continuing basis,
      9. Tax Year Begin Date,
      10. Tax Year End Date,
      11. Termination Notice.
    3. Employee - Undefined in MS1. To be defined in MS 2/3.
    4. Other Federal Agencies - None
    5. State and Local Agencies - None
    6. Other third party sources - None


  3. Is each data item required for the business purpose of the system? Explain.

    Each item is required per Pension Protection Act 2006 Legislation.The ePostcard system will be able to track exempt organizations, thereby, maintaining a database with good data.  Per Congressional mandate, IRS was asked to obtain the following data elements, except where indicated.

    1. Exempt organization's legal name,
    2. d/b/a (doing business as) name,
    3. mailing address,
    4. internet address,
    5. EIN (Employer Identification Number),
    6. Exempt organization's principal officer name,
    7. address of principal officer,
    8. evidence of continuing basis,
    9. Termination Notice.
    10. Tax Year Begin Date, required for processing
    11. Tax Year End Date, required for processing


  4. How will each data item be verified for accuracy, timeliness, and completeness?

    Business rules will validate and check for format.

    • Validation and Formatting rules. These rules will check to ensure the correct data type and range is used. Specific rules have not been defined in MS1.  To be defined in MS 2/3.


  5. Is there another source for the data?  Explain how that source is or is not used.

    No other source of this data exists.

  6. Generally, how will data be retrieved by the user?

    The filer will be able to retrieve submitted ePostcard. The ePostcard will be publicly disclosed.  Searching mechanisms TBD.

  7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?

    The ePostcard data will be retrievable using an EIN and other criteria that are TBD.


    Access to the Data

  8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?

    ePostcard data is subject to normal public disclosure requirements. Therefore, it will be made available shortly after its been filed.  Filers will have read only access to the data in the system.  Employees and contractors having access to an IRS help desk system will have access to the data. The application's database administrator will maintain the production system's data.

    Specific data access procedures have not been defined in MS1.  To be defined in MS 2/3/4a.

  9. How is access to the data by a user determined and by whom?

    Data will be publicly disclosed and is also available through a help desk application. OL-5081 is required to get access to the RRD (Return Request and Display application).

  10. Do other IRS systems provide, receive, or share data in the system?  If YES, list the system(s) and describe which data is shared.  If NO, continue to Question 12.

    • The data filed by the exempt organization will update the business masterfile.
    • The third party datastore, the database that stores all valid transmitters and trading partners will provide the valid EIN (Employer Identification Number).


  11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?

    To Be Reviewed. No word yet as to whether these other systems have received an approved PIA and Security Certification. To be defined in MS 2/3.

  12. Will other agencies provide, receive, or share data in any form with this system?

    No


    Administrative Controls of Data

  13. What are the procedures for eliminating the data at the end of the retention period?

    TBD - in the process of reviewing 1.15.2, 1.15.6, 1.15.14.  The retention period will be identified by the end of the requirements phase (Domain Architecture phase (MS 2)).

  14. Will this system use technology in a new way?  If "YES" describe.  If "NO" go to Question 15. Unknown at this time.

  15. Will this system be used to identify or locate individuals or groups?  If so, describe the business purpose for this capability.

    No, the data will be used to maintain an exempt organization’s valid address and principal officer information.

  16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.

    No, The system will be used to maintain an exempt organization’s valid address and principal officer information.

  17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently?  Explain.

    No. Use of this system cannot be used to treat taxpayers differently.

  18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?

    No. ePostcard is an electronic submission system. It is not required to be interactive and provide the functionality to respond.

  19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?

    To be defined in  MS 3/4a.
 


Page Last Reviewed or Updated: February 20, 2008