The greatest potential for unauthorized disclosure of tax information occurs when IDRS user employees handle telephone inquiries from taxpayers. Employees should exercise special precautions to identify the taxpayer or his/her authorized representative when answering such inquiries. In responding to telephone inquiries, no tax return information may be given out unless it relates to a notice, billing, letter initiated by the IRS, or refund inquiry.

When responding to telephone inquiries about a tax account, the employee handling the inquiry should, as a minimum, obtain the taxpayer’s name, address and taxpayer identification number (SSN or EIN). Recipients of calls should continue to ask enough questions to satisfy themselves that they are speaking to the taxpayer. The following are types of information that might be asked the caller.

If a caller is unable to furnish enough information to establish that he/she actually is the taxpayer, the employee should request that the caller find out the information and call back. If the caller states he/she does not have the information and cannot obtain it, the employee should advise the caller that a written reply will be mailed to the taxpayer’s address of record.

Employees should not provide Taxpayer Identification Numbers over the telephone.

Walk-in taxpayers should not be given tax return information until they have properly identified themselves.

Information concerning taxpayers will not be provided to third parties without written authorization from the taxpayer. For example specific information concerning a client’s bill or notice will not be provided to third parties without receipt of written authorization from the taxpayer. This is true even though the third party requesting the information has possession of a copy of the bill or notice in question.

Written authorization from the taxpayer is not restricted to a power of attorney or to any specific form. The authorization must bear the taxpayer’s signature. Taxpayer Service employees will not request returns from the campus or Federal Records Center solely for verification of the taxpayer’s signature. If there is serious doubt whether the signature on the authorization is the taxpayer’s, offer to mail the information to the taxpayer’s address of record.

In walk-in contacts, if the third party has possession of a copy of the bill or notice in question, the written authorization should bear the taxpayer’s signature and give some indication that the third party is authorized to act for the taxpayer. In the absence of such written authorization, the third party may only be furnished general information regarding the meaning of the bill or notice. If the third party does not have possession of a bill or notice, the written authorization should bear the taxpayer’s name, address and signature and contain information peculiar to the taxpayer of which the third party would not generally be aware. For instance, if the letter or authorization describes a specific refund problem or inquiry with specific facts that only the taxpayer should be aware of, the third party may be given information regarding the refund.

In telephone contacts, Taxpayer Service personnel are restricted as to the information they may furnish third parties in the absence of written authorization. Only general information regarding the meaning of a particular notice or letter may be given. Advise the third party to furnish a written authorization in order that information may be provided, or offer to call the taxpayer or mail information to the taxpayer’s address of record. Otherwise, no specific information related to the taxpayer or his/her account may be given. No information from IDRS, microfilm, or tax returns may be given to the third party. Naturally, information the third party offers may be accepted. For example, cancelled check information may be accepted to initiate a payment tracer on a bill but no information relative to the balance due or nature of the assessment may be given.

Where a third party makes a written inquiry, no information may be furnished without written authorization from the taxpayer.

It should be kept in mind that relatives are third parties and the rules outlined in this Section apply to them. These rules do not apply to husband and wife when both sign a joint return. However, when a spouse has been claimed as a dependent on a return (instead of filing jointly), the dependent spouse may not be given information without written authorization from the taxpayer who signed the return.

It is essential that only properly authorized employees have access to command codes since IDRS terminals can be used to change taxpayers’ accounts. It is equally important that each employee be protected from other personnel using his/her identification since the only record of the employee making the change will be assigned to the user who is signed onto IDRS. Proper use of Command Codes SINON and SINOF will provide necessary protection to the employee. However, an employee must properly safeguard his/her password in order to obtain the benefits of the system.

IDRS users are authorized to access only those accounts required to accomplish their official duties. IDRS users must not access their own or spouse’s account, the account of a friend, relative or co-worker, or any account in which they have a personal financial interest.

Each IDRS user will be responsible for creating an IDRS password that is only known by that user. When an employee is added or re-added to IDRS, the user will receive a temporary password from the IDRS Security Officer either via the Online 5081 application or the temporary password will be provided to the employee's manager to be given to the employee. Temporary passwords are expired passwords and will require the user to create a new user password during sign-on to IDRS. The user will enter the temporary password into the password data field when signing-on to IDRS. The user will enter a new user-created password into the New Password and Confirm New Password data fields and select the OK button or the transmit key which is usually the Page up button. See LEM 2.2.1.2.4 (1).

IDRS user-created passwords are set to expire in See LEM 2.2.1.2.4 (2) a) . Users have the option to change their password at anytime. Users will be required to change their password after receiving the system notification that their password has expired. Users are prevented from using the same password for See LEM 2.2.1.2.4 (2) b) period.

IDRS users are expected to sign-on to IDRS as soon as possible after receiving the temporary password in order to establish their user-created passwords. Users who do not sign on to IDRS within See LEM 2.2.1.2.4 (3) a) after a temporary password has been issued by an IDRS Security Officer will be prevented from accessing IDRS until a Unit Security Representative (USR) unlocks the employee's profile. A user who does not sign on to IDRS within See LEM 2.2.1.2.4 (3) b) after a temporary password has been issued will be deleted from IDRS and will have to reapply by submitting a new Add User Online 5081 request in order to access IDRS.

A user who forgets his/her password must notify the manager who will prepare an Online 5081 request for a new temporary password. In the Online 5081 application, the manager must select the employee's name, the IDRS campus application, and Reset Password. For requesting new temporary passwords, the manager may bypass the USR approval by selecting No FSC/USR Approval Needed prior to approving the request. The request is sent directly to the campus Data Security staff who will generate a new temporary IDRS password that is retrieved by the employee by accessing the Online 5081 application. The user's IDRS campus application access must be registered in Online 5081 application.

If the user's IDRS access is not registered in the Online 5081 application or if the Online 5081 application is not available, the manager of USR may call or E-mail the Service Desk and open an ITAMS ticket. The caller must provide the name of the user needing the password, the user's IDRS campus name, the user's IDRS unit number, or the employee's 10-digit IDRS number, and telephone number where the user can be contacted. In emergencies, the manager or USE may call the Data Security staff with the ITAMS ticket number for immediate assistance.

Anytime a password is compromised, or even if the employee suspects that it has been, the employee must immediately change his/her password and then notify the manager/USR about the concern. The manager/USR must report the concern to the appropriate home campus IDRS Security Officer.

An employee must sign on to IDRS before accessing or changing any account on IDRS. The employee will accomplish this by inputting Command Code (CC)SINON ( See Exhibit 2.2.1.1 - 1.) that will verify whether or not the employee is authorized to use IDRS. Any user who signs on to IDRS is acknowledging that he/she has read and understood the disciplinary statement. As of January 2004, the user will no longer receive an IDRS Entry Code. After an acceptable SINON, the user can begin to enter command codes on the access screen.

During SINON the user employee must ensure that the Production Training Indicator (PTI) is set appropriately. PTI's are

The IDRS Security Officer in the Campus will adjust the employee's profile for restricted PTI's when the employee needs to obtain access to only one type of account. If no changes are made to the employee's profile, the employee will continue to have access to any type of account. The restricted PTI's are:

The Social Security Number and the employee's password are protected from viewing. These fields are not displayed on the screen to protect the employee's privacy and safeguard the password.

As of January 2004, IDRS will not generate entry codes.

Employees must use CC SINOF ( See Exhibit 2.2.1.1 - 2.) or use the top X in the right corner to sign off IDRS when they are going to be away from their workstation for See LEM 2.2.1.2.7 (1) a) or more. Users who expect to be away from their workstation for less than See LEM 2.2.1.2.7 (1) b) may use their password-protected NT screen lock to prevent an unauthorized user for accessing their IDRS account.

If a user is signed onto IDRS at one workstation and signs on at another workstation, the user account at the first workstation will automatically be deactivated.

The security system provides identification and authorization for every terminal input. The Employee Security File contains significant data required to recognize each employee authorized to use IDRS. The Terminal Security File includes terminal identification to recognize each terminal in the IDRS.

In the Employee Security File there will be two profiles recorded, a production profile and a training profile. The production or training indicator in CC SINON determines which profile is used. While operating in the training mode, command codes will be used in exactly the same manner as when in production mode, but no actual updating of any IDRS data can be made. Only command codes contained on the Computer Assisted Training System can be used. Command codes not included on the Computer Assisted Training System will result in the error message "COMMAND CODE NOT ALLOWED IN TRAINING MODE" .

Trainees will be able to update a training account through real-time and then to be able to recall the account to view the updated effect. Accounts may be restored to the original condition by two methods:

When an IDRS user is signed on in the Training Mode, the terminal will be authorized the same command codes as the user’s training profile until he/she signs off.

See LEM 2.2.1.2.10 (1)

See LEM 2.2.1.2.10 (2)

A terminal will lock after See LEM 2.2.1.2.10 (3) a). In the event of a security lockout, the screen of the affected terminal will display the message " SECURITY LOCK ON THIS TERMINAL" and the See LEM 2.2.1.2.10 (3) b) will be displayed. The IDRS users must immediately notify his/her supervisor or USR who will initiate action to unlock the terminal.

Employees should always clear the screen when terminal operation is completed.

Employees should be sure to retrieve all prints if the terminal is connected to a printer. If someone leaves a print in the printer, it should be placed in classified waste if the originator cannot be determined.

IDRS terminals are programmed for real-time usage and are systemically deactivated at the end of each work day. Any input at a time not during the authorized time period will be recorded as a security violation.

Command Code RMODE authorizes an employee to use the command codes contained in his/her Training Profile in a research mode. The research mode differs from production mode in that production files are accessed but not updated. It differs from training mode in that the training files are not accessed. The research mode is to be used only by the IDRS Control Group and the CSA staff for researching production problems that can be resolved only by accessing production data. An Audit Trail Record will be produced for all inputs made in the research mode. In order to use the research capability, an employee must have CC RMODE in his/her Training Profile, and inpuit command code SINON with a Production/Training Indicator of R.