DOR Confidentiality Training 2021
This document serves as an accessible version of this course and is intended only for those individuals who require an accommodation for a disability. If you do not require an accommodation based on a disability, you must complete the web-based training through ESS > My Training to receive credit of your transcript.
Resources are available for employees and include:
This short, web-based training is required for all Department of Revenue employees and contractors that provide service to the Department of Revenue and may come into contact with confidential or sensitive information.
In this course will:
· Provide an overview of tax confidentiality as well as review examples of what is considered tax information. We will also review the Pennsylvania laws and regulations that provide guidance on confidential information.
· Discuss some general information regarding federal tax information as well as discuss the laws and regulations that provide guidance on federal tax information.
· Discuss what “other confidential information” means and the importance of safeguarding and protecting that information.
· Discuss Email and IT security and your role in ensuring that confidential and or sensitive information is protected.
As an employee for the Department of Revenue or someone that provides service to the Department of Revenue, it is important that we understand the requirements for protecting confidential and sensitive tax information, even if we do not directly deal with taxpayers or have access to tax information.
The Confidentiality Agreement provides the framework for employees and contractors to recognize the confidentiality and sensitive nature of the information that we may become aware of at the Department of Revenue.
Please read and acknowledge the Confidentiality Agreement. Your supervisor will be reaching out to you to review the agreement and discuss any questions you may have.
What does the department consider confidential tax information?
Some examples include but are not limited to: taxpayer names; social security numbers; taxpayers addresses; amounts and sources of income; assessments, interest, and penalties; and whether a taxpayer has filed a return or not.
As a rule, ALL information about a return or a taxpayer is considered confidential.
· 18 Pa. C.S.A. §7611(a) (2) of the Pennsylvania Crimes Code prohibits persons from intentionally and without authorization accessing any computer, computer system, computer database, or computer network. A violation is a felony of the third degree – meaning, 3.5 to 7 years in prison and a fine of up to $15,000.
· Section 201 of the Confidentiality of Social Security Numbers Act prohibits persons from intentionally communicating Social Security numbers or otherwise making them available to the general public. A violation is a summary offense punishable by a fine.
· 72 P.S. §7353 (f) of the Tax Reform Code of 1971 states that it shall be unlawful for any Commonwealth employee to do any of the following activities:
o “divulge or to make known in any manner whatever, not provided by law…to any person, the amount or source of income, profits, losses, expenditures or any particular thereof set forth or disclosed in any return;
o “publish in any manner whatsoever not provided by law, any return or any part thereof or source of income, profits, losses or expenditures appearing in any return.”
o §7353 (f) provides that a Commonwealth employee convicted of this provision is guilty of a misdemeanor and shall also be discharged from Commonwealth employment.
· 72 P.S. § 731 of the PA Fiscal Code states that any information gained as a result of any returns, investigations, hearings or verifications required or authorized under the statues of the Commonwealth imposing taxes or bonus for State purposed, or providing for the collection of the same, shall be confidential except for official purposes. Language was added to clarify that the confidentiality requirements provided for tax returns also apply to similar tax-related documents, including reports, correspondence, claims, and certifications and for tax credits and programs relating to revenue transfers. It also discusses the penalties that an employee may be subject to for a violation of this section of the code.
As employees or those that provide service to the Department of Revenue, it is also important that we understand the provisions for Federal Tax Information or FTI.
As a rule, all return and return information or information that came from returns are confidential. Employees and contractors may not access or disclose return or return information unless specifically authorized under the provisions of the Internal Revenue Code.
What do we mean when we say return? Generally, a return is any IRS tax or information return, estimated tax declaration or refund claim.
What about return information? While the definition is broad, you can see some examples include: taxpayer’s name, address and id number; information collected by the IRS concerning tax affairs; information extracted from a return; and whether a return was filed, or its status.
Because of the sensitive and confidential nature of this information, it is important that we safeguard this federal tax information as well as any other sensitive or confidential information. Some tips are to make sure that you do not leave confidential taxpayer information unsecured, label all commingled data, and ensure that you protect any correspondence or devices that contain confidential taxpayer information. Commingled data refers to any data that has FTI mixed in with it such as if the department updates a taxpayer’s address based on the federal tax return.
· Section 7213 of the Internal Revenue Code makes it unlawful to willfully disclose Federal tax returns or return information to any person for a reason other than tax administration. Violation of this section is a felony punishable by a fine in any amount not exceeding $5,000, or imprisonment of not more than five years, or both, together with costs of prosecution.
· Section 7213A of the Internal Revenue Code makes it unlawful to willfully inspect Federal tax return information for a reason other than tax administration. Violation of this section shall be punishable by a fine in any amount not to exceed $1,000 or imprisonment of not more than one year, or both, together with costs of prosecution.
· Section 7431 of the Internal Revenue Code provides for civil damages for unauthorized review or disclosure of returns or return information. The taxpayer may seek civil damages, which includes the cost of the action and the greater of $1,000 for each act of unauthorized review or disclosure and the sum of actual damages plus additional punishment of the defendant.
· The Social Security Act (42 USC § 405(c)(2)(C)(viii)) provides that Social Security numbers are confidential and shall not be disclosed. A violation of the Social Security Act constitutes a violation of Section 7213 of the Internal Revenue Code.
Confidential tax information should only be accessed, released, used, discussed, divulged, or disclosed for business-related purposes only.
That means that any personal and/or non-business-related reasons are strictly prohibited.
As a reminder, access to the information does not equal permission. Permission to access, release, use, discuss, divulge, or disclose is for work-related purposes only.
In addition, access of your own personal tax information or that of any friends, relatives, or personal acquaintances is strictly prohibited.
If you encounter a situation that may be inappropriate or give the appearance of impropriety you must notify your supervisor or someone in your chain of command.
The work rules regarding confidentiality of tax information apply to state as well as federal tax information.
· What if I have a question about my own taxes?
o If you have a question about your own taxes, you may call the Customer Experience Center (CEC) at 717.787.8201 they are available from 8 am – 5 pm on weekdays. You could also schedule a call time.
· What if I access someone’s information on accident?
o If you access someone’s information on accident, note when the improper access was and immediately contact your supervisor and let them know what happened.
· What if I know the person who called in?
o If you realize that the person you are talking to is someone you know, ask the person if you can place them on hold and reach out to your supervisor. Depending on the relationship to you, they may need to assign another person to handle the customer’s concerns.
· What if I’m assigned a case of someone I know?
o If you get a case assigned to you that involves a person you may know, you must disclose to your supervisor when an assignment involves people with whom you have social, business, or other relationships that might impair, or give the appearance of impairing your impartiality or independence.
In addition to state and or federal tax information, employees may have access to other types of confidential or sensitive information. These include: Personally Identifiable Information (PII), financial information, HR information, and other types of confidential information.
Personally Identifiable Information refers to information which can be used to distinguish or trace an individual’s identity such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifiable information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name. etc.
Financial information refers to any information that provides a record of financial activities of a business or individual.
Other confidential information refers to any information that is considered internal and/or confidential and can include things such as: internal memos and documents, or manuals on internal procedures. As a reminder, we are responsible for safeguarding and protecting ALL confidential or sensitive information that we encounter as part of our job duties.
As part of protecting confidential and or sensitive information, it is also important that we understand our responsibilities in protecting our email and other IT resources.
As a practice, passwords should never be stored with or near your equipment. They should also never be given to anyone else. Remember, IT will NEVER ask you for your password.
It is also important that we encrypt any emails that are sent to external email addresses that contain confidential tax information and is a requirement of the IRS for any federal tax information that is sent out.
If your Commonwealth issued equipment is ever lost or stolen you must immediately report it to EBR IT and your chain of command.
According to the Commonwealth of Pennsylvania Information Technology Acceptable Use Policy (MD 205.34), persons shall not forward work emails, calendar items, or documents to their personal non-Commonwealth issued email address. If you have a legitimate business-related reason to have access to your work emails from a personal device, you should discuss that with your supervisor to request access.
Before accessing or sending confidential tax information, ask yourself:
1. Do I have a work assignment/purpose to look up this information?
2. Does the recipient have a right or work-related purpose for receiving this information?
3. Am I properly securing this information BEFORE I send it – such as encryption of the email and the content of the email?
While violation of many of the rules and policies discussed in this training can result in discipline, up to and including termination, violation of the Department of Revenue's Tax Information Confidentiality Agreement WILL result in termination of employment or termination of contract. It can also result in civil and criminal penalties, which could include fines and/or imprisonment.
· I understand that although I may have the ability to access confidential and/or sensitive information, I do not have the permission or authority to do so except for a business-related purpose.
· I understand that if I have any questions regarding the access to, or disclosure of, confidential tax information I am to speak with someone in my chain of command or in the Human Resources Office before taking any action.
· I understand that I will not access, use, discuss, divulge, or disclose any confidential and/or sensitive information, including FTI, to anyone without an authorized Commonwealth business-related purpose.
· I understand that it is my responsibility to safeguard and secure any confidential and/or sensitive information that I have access to and in the event of an unauthorized access and/or disclosure, I will immediately notify, EBR IT, someone in my chain of command or the Human Resources office.
· I understand that if I violate any of the provisions of the policies, laws, or regulations outlined in the previous slides by accessing, using, discussing, divulging, or disclosing confidential and/or sensitive information including FTI, I may be subject to disciplinary action up to and including termination as well as subject to possible criminal prosecution and/or civil liability as well as the potential for damages/liability under the contract.
Thank you for completing this course. This version of the course is intended for individuals who require an accommodation for a disability. Once you have fully reviewed the information in this training, reach out to EBR Talent Development at ra-oaebrtraining@pa.gov to request credit for completing this course. You will not receive credit for completing this course until you do so.