Privacy Impact Assessment – Bank Discrepancy Application
Bank Discrepancy Application System Overview:
This program is used by Accounting Operations to control and track bank discrepancy inventories. The application controls these cases by systemically assigned sequence numbers for each debit voucher or deposit ticket number entered. It provides an audit trail as required by GAO (Government Accounting Office). History is retained for each case.
System of Records Number(s):
Treasury/IRS 24.030, CADE Individual Master File (IMF)
Treasury/IRS 24.046, CADE Individual Master File (IMF)
Treasury/IRS 34.037, IRS Audit Trail and Security Records System
Treasury/IRS 36.003, General Personnel and Payroll Records
Data in the System
1. Describe the information (data elements and fields) available in the system in the following categories:
A. Taxpayer
B. Employee
C. Audit Trail Information (including employee log-in info)
D. Other (Describe)
A. Taxpayer. The History Sheet is generated from the application and contains the history of each case. Its use is optional. It contains the following info from the application: Log Date, Employee Number, Dishonored Check Number, Debit Voucher or Deposit Ticket Number, Difference in Check, Original Amount of Check, and Closed Date. The following fields may be input from master file: Name Control, Posting Date, DLN, Transaction Code, Amount of Check, TIN, MFT, and Tax Period.
B. Employee. All reports display the employee IDRS number.
C. Audit Trail. Most reports display the employee assigned IDRS (Integrated Data Retrieval System) number.
D. Debit Voucher, SF 5515, and Deposit Ticket, SF 215, data is entered.
2. Describe/identify which data elements are obtained from files, databases, individuals, or any other sources.
A. IRS
B. Taxpayer
C. Employee
D. Other Federal Agencies (List agency)
E. State and Local Agencies (List agency)
F. Other third party sources (Describe)
A. IDRS and DCF (Dishonored Check File, which is a separate file within IDRS that contains records of remittances returned to IRS by the depository upon which payment is refused).
B. TIN and Name Control.
C. None.
D. None.
E. None.
F. Debit Voucher, SF 5515, and Deposit Ticket, SF 215, which is received from depositaries.
3. Is each data item required for the business purpose of the system? Explain.
Yes. This is a control and tracking system of debit vouchers (DV) and deposit tickets (DT) received from the depository. Each data is required to gather history from time of receipt to closing of each DV or DT.
4. How will each data item be verified for accuracy, timeliness, and completeness?
Each DV or DT must be balanced prior to being entered on the application and when assigned on the application. All reports have an indicator that denotes cases that are over 90 days old. An age report can be generated and it can be customized to generate specific age dates.
5. Is there another source for the data? Explain how that source is or is not used.
Yes. The DCF also generates DCF09 Report, Dishonored Checks Aged 15 Days List, which can be used in conjunction with the Bank Discrepancy Employee List. The DCF09 is used on all cases entered into the DCF which includes Bank Discrepancy cases.
6. Generally, how will data be retrieved by the user?
Data is retrieved by the DV or DT Sequence Number which is automatically assigned when the user enters DT or DV information on the application.
7. Is the data retrievable by a personal identifier such as name, SSN, or other unique identifier? No.
Access to the Data
8. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Others)?
Users, Managers, System Administrators who have approved 5081 access. Developers who maintain the system.
9. How is access to the data by a user determined and by whom?
Managers in Campus Accounting Dishonored Check function will approve users via Form 5081. System Administrators/Managers will determine access level of each user.
10. Do other IRS systems provide, receive, or share data in the system? If YES, list the system(s) and describe which data is shared. If NO, continue to Question 12. No.
11. Have the IRS systems described in Item 10 received an approved Security Certification and Privacy Impact Assessment? N/A
12. Will other agencies provide, receive, or share data in any form with this system? No.
Administrative Controls of Data
13. What are the procedures for eliminating the data at the end of the retention period?
Retention on the active system is 2 years. All closed items are then moved to a historical file. Retention for control/history sheets will be in accordance to IRM 1.15.29, Records Control Schedule for Tax Administration - Wage and Investment Records, which states to destroy 1 year after the end of the processing year in which the ledger account is closed.
14. Will this system use technology in a new way? If "YES" describe. No.
15. Will this system be used to identify or locate individuals or groups? If so, describe the business purpose for this capability.
The system can identify its user and can produce an employee listing. The listing provides an audit trail as required by GAO.
16. Will this system provide the capability to monitor individuals or groups? If yes, describe the business purpose for this capability and the controls established to prevent unauthorized monitoring. No.
17. Can use of the system allow IRS to treat taxpayers, employees, or others, differently? Explain. No.
18. Does the system ensure "due process" by allowing affected parties to respond to any negative determination, prior to final action? No, due process is not affected.
19. If the system is web-based, does it use persistent cookies or other tracking devices to identify web visitors?
The system is web-base and uses session cookies. Users should only be able to access their own campus data. Session cookies are used to determine specific users by assigned NT login ID to ensure that access is campus specific. No personally identifiable or sensitive information is stored in the cookies.
| 
