Report Says IRS Fails to Protect Sensitive Data


The agency tasked with processing more than 220 million tax returns annually is not doing an adequate job of protecting the sensitive personal financial information of the taxpayers submitting those forms, according to a report from the Treasury Inspector General for Tax Administration (TIGTA).

TIGTA said IRS employees reported the loss or theft of 490 laptop computers between Jan. 2, 2003, and June 13, 2006. Many of the thefts were attributed to employees failing to properly secure laptops in their homes and cars or not storing the machines in locked cabinets when not in use. TIGTA said it is likely many of the lost computers contained unencrypted taxpayer data and employee personnel data. The report also notes TIGTA warned the IRS as early as July 2003 that other devices such as flash drives, CDs and DVDs contained sensitive data that was not encrypted, but the IRS had not taken adequate corrective actions.

The report recommends the IRS take measures such as refining incident response, buying computer cable locks for employees’ laptops and including instructions on using approved encryption software on all electronic media devices.

The report is available at www.treas.gov/tigta/auditreports/2007reports/200720048fr.pdf .

SPONSORED QUIZ

How well do you know small business?

There are over 30 million small businesses in the U.S., and many of them are optimistic in their outlook. Are you familiar with the obstacles and opportunities they are facing? Test your small business acumen with this quiz sponsored by Chase Ink®.

SPONSORED REPORT

In focus: Payroll

Providing payroll services that comply with ever-changing regulations and meet evolving employee and employer demands is no easy task. Paychex's Tom Hammond discusses common payroll considerations for CPA firms.