Taxpayer Confidentiality:

Federal, State, and Local Agencies Receiving Taxpayer Information

GGD-99-164: Published: Aug 30, 1999. Publicly Released: Aug 30, 1999.

Additional Materials:


James R. White
(202) 512-5594


Office of Public Affairs
(202) 512-4800

Pursuant to a congressional request, GAO assessed the disclosure practices and safeguards employed by the Internal Revenue Service (IRS) and other federal, state, and local agencies to protect taxpayer information, focusing on: (1) which federal, state, and local agencies receive taxpayer information from IRS; (2) what type of information they receive; (3) how the taxpayer information is being used; (4) what policies and procedures the agencies are required to follow to safeguard taxpayer information; (5) how frequently IRS is to monitor agencies' adherence to the safeguarding requirements; and (6) the results of IRS' most recent monitoring efforts.

GAO noted that: (1) there were 37 federal and 215 state and local agencies that received, or maintained records containing, taxpayer information under provisions of section 6103 during 1997 or 1998; (2) the information that agencies received included, among other things, the taxpayers' names, Social Security numbers, addresses, and wages; (3) the information came in a variety of formats; (4) some agencies received the information on a regular schedule; (5) others received the information on an as-needed basis, such as while conducting criminal investigations; (6) federal, state, and local agencies said they used taxpayer information for one of several purposes, such as administering state tax programs, assisting in the enforcement of child support programs, verifying eligibility and benefits for welfare and public assistance programs, and conducting criminal investigations; (7) before receiving taxpayer information from IRS, agencies are required to advise IRS how they intend to use the information and to provide IRS with a detailed safeguard plan that describes the procedures established and used by the agency for ensuring the confidentiality of the information they want to receive; (8) these safeguard plans are supposed to be updated every 6 years or if significant changes are made to the agencies' procedures; (9) agencies are also required to submit annual reports to IRS summarizing their efforts to safeguard taxpayer information and any minor changes to their safeguarding procedures; (10) in addition to providing IRS with safeguarding plans and annual reports, agencies' Offices of Inspector General may also review internal agency programs for safeguarding restricted or classified information; (11) IRS conducts on-site reviews to ensure that agencies' safeguard procedures fulfill IRS requirements for protecting taxpayer information; (12) IRS' National Office of Governmental Liaison and Disclosure, Office of Safeguards, has overall responsibility for safeguard reviews to assess whether taxpayer information is properly protected from unauthorized use or access as required by the Internal Revenue Code and to assist in reporting to Congress; (13) IRS' safeguard reviews have identified discrepancies in agency safeguard procedures and made recommendations for corrections; and (14) the reviews have uncovered problems with agency safeguarding procedures, ranging from inappropriate access to taxpayer information by contractor staff to administrative matters, such as the failure to properly document the disposal of information.

Mar 1, 2021

Jan 14, 2021

Nov 18, 2020

Nov 9, 2020

Oct 19, 2020

Sep 23, 2020

Aug 31, 2020

Jun 29, 2020

Jun 16, 2020

May 1, 2020

Looking for more? Browse all our products here