Privacy Impact Assessment – Office of Tax Shelter Analysis (OTSA)
OTSA System Overview
OTSA is a web-based application that collects tax shelter activity information, such as individual name, social security number, address of individual and other involved parties, and company name. The collection is processed primarily from the Reportable Transaction Disclosure Statement form (Form 8886), submitted manually by taxpayers. Data is also obtained from existing examination activity from the Audit Computerized Information System (ACIS) and Examination Return Control System (ERCS) to support the static master file. Approximately 70,000 taxpayers submitted Form 8886 in the 2005 tax season.
Additional sources for the collection of tax shelter activity come from promoter examinations and a voluntary telephone hotline where the public can file reports regarding potential tax shelter law violations. The last Privacy Impact Assessment completed for OTSA was on March 31, 2005.
Systems of Records Number(s)
Treasury/IRS 42.021 Compliance Programs and Project Files
Treasury/IRS 42.008 Audit Information Management System
Treasury/IRS 42.001 Examination Administrative Files
Treasury/IRS 24.030 Individual Master File
Treasury/IRS 24.046 Business Master File
Treasury/IRS 34.037 IRS Audit Trail and Security Records System
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)
A. Taxpayer information includes:
* Individual name (taxpayer)
* Company name
* Identifying Number (Social Security Number)
* Name and address (street, city, state, zip code) of taxpayer and all parties involved in the reportable transaction.
B. A system user table is maintained that includes:
* User’s location
* E-mail
* Permission level
C. Employee activity including logon is recorded in the Audit Trail log, which includes the following fields:
* Type of event / activity regarding the application
* Date of event
* Time of event
D. None.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)
A. Data is obtained from existing examination activity from the Audit Computerized Information System (ACIS) and Examination Return Control System (ERCS). The data fields used from ACIS and ERCS are those that track examination activity including form type, tax period, activity code, and group identification.
Other internal IRS system data is collected from examinations or previous audits (e.g. tax disclosure documents that are sent as a supplemental link to other files).
B. Taxpayer information (as described in Section 1A) is retrieved from Form 8886, which is submitted manually by taxpayers.
C. Information is obtained directly from the employee. The data elements are only those that Identify employee for logon, User ID and password.
D. None.
E. None.
F. None.
3. Is each data item required for the business purpose of the system? Explain.
Yes. Each data element is collected to populate forms related to tax shelter activity.
4. How will each data item be verified for accuracy, timeliness, and completeness?
Quality assurance optical character software is used supporting accuracy of data. Data is not submitted into the system until this software program has run.
There are no data integrity processes associated with data manually entered into the system.
5. Is there another source for the data? Explain how that source is or is not used.
In addition to the Form 8886 submitted manually by taxpayers, sources for the collection of tax shelter activity come from promoter examinations and a voluntary telephone hotline where the public can file reports regarding potential tax shelter law violations.
6. Generally, how will data be retrieved by the user?
Since the system includes a relational database, data can be queried and retrieved by virtually any data element.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier?
Yes. A query can be created to retrieve data by a personal identifier (e.g., SSN).
The ability to access data by a personal identifier is controlled by the SEID network logon procedure. The data retrieval is subject to audit and logging.
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
There are approximately 100-150 users, who are all IRS employees of which approximately 10 are in the OTSA group.
The database is designed to have user levels that include Administrator and levels of users that allow only read or read/edit depending on the role of the particular employee in support of job duties.
The ability to access data by a personal identifier is controlled by the SEID network logon procedure. The data retrieval is subject to audit and logging.
Only IRS employees will use the application (i.e., no contractor users).
9. How is access to the data by a user determined and by whom?
Access to the data is determined on a need to know basis and by the OTSA group manager who has the final approval authority.
The On-line 5081 process is used for all users (i.e., IRS employees are the only uses).
The OL5081 (Online 5081) is used to document access requests, modifications, and terminations for all types of users, including System Administrators. When a new user needs access to IRS systems or applications, the user’s manager or designated official, completes an OL5081 requesting access for the new user. OL5081 is an online form, which includes information, such as the name of the system or application, type of access, and the manager’s signature approving authorization of access. The completed OL5081 is submitted to the Security or User Administrator, who assigns a user ID and an initial password. Before access is granted, the user is required to digitally sign OL5081 acknowledging his/her security responsibilities when using the system.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12.
OTSA receives data from other IRS systems such as the Audit Computerized Information System (ACIS) and Examination Return Control System (ERCS) to maintain static master files.
The OTSA application in no way is directly linked with any other master file including ACIS and ERCS. No updates of these files are made. Certain data elements are used from imported ACIS and ERCS data files that are examination activity that includes return type, dates, group location, and activity codes.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment?
ACIS:
C&A:
ACIS does not have a current Certification and Accreditation listed in the Mission Assurance Master Inventory and no Certification grant date or expiration date is listed. However, this inventory states that its Certification is included in the General Support System C&A (i.e., MITS6).
PIA:
ACIS does not have a current PIA listed in the Office of Privacy PIA Inventory.
ERCS:
C&A:
ERCS does have a current Certification and Accreditation listed in the Mission Assurance Master Inventory. This inventory states that its Certification is included in the General Support System C&A (i.e., MITS4) and that the ERCS Certification was approved on April 12, 2005 with no expiration date listed.
PIA:
ERCS does have a current PIA listed in the Office of Privacy PIA Inventory, dated June 3, 2004.
12. Will other agencies provide, receive, or share data in any form with this system? No.
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
The purpose of this system is historical in nature.
The data retention for the electronic data will be the same as the paper filed source documents. The retention schedule for the documents has been established as 2 years after the processing date to retire to Federal Records Center and 7 years after the processing year to destroy. A SF115 will be initiated to have all electronic date be scheduled for destruction in accordance with IRM 1.15.29 Records Management – Records Control Schedule for Tax Administration.
At the present time storage capacity is adequate for all data. In the future if storage becomes an issue the data will be archived to offsite media such as CD or tape.
14. Will this system use technology in a new way? If "YES" describe. If "NO" go to Question 15. No.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.
Yes. OTSA will be used to see if taxpayers warrant further examination activity. Hence, the identity and location of those taxpayers is essential and is used only to support the business purpose of the system.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring.
Yes. However, monitoring is not in real time. The data stored in the system is historical.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain.
No. Tax shelter laws preclude disparate treatment from occurring and the system by design does not treat users or stakeholders differently.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action?
Any tax or penalty determination made in part or entirely by any data in the OTSA database can be appealed or taken to courts through existing procedures for any tax dispute.
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?
OTSA is a web-based application, but it does not use persistent tracking technologies to identify web visitors.
|
