The Washington Post

IRS handed taxpayer information to contractors without background checks

The Internal Revenue Service exposed more than 1 million taxpayers to “increased risk of fraud and identity theft” by giving their private information to contractors without background checks, according to a federal audit.

The Treasury Inspector General for Tax Administration said in a report released Thursday that the IRS handed over a disc containing sensitive data on about 1.4 million taxpayers to a printing firm without any of the company’s employees being subjected to screenings.

(Susan Walsh/AP)

The audit also revealed that the IRS did not ensure timely background checks for 12 other contracts, even though agency staff had determined that investigations were required for the businesses involved.

Additionally, auditors determined that 20 IRS contracts involved non-agency personnel who had not signed nondisclosure agreements, according to the report.

IRS policy requires contractor employees to have background checks if they will have access to “sensitive but unclassified” information, which includes the names, addresses and Social Security numbers that the IRS released to its service providers.

“Allowing contractor personnel access to and custody of sensitive information prior to the appropriate background screening process increases the risk to taxpayer and the IRS of misuse of taxpayer and other sensitive data and possible identity theft,” the report said.

The IRS said it began issuing more-explicit guidance and training over a year ago to ensure that contractor personnel with access to sensitive information submit nondisclosure agreements. The moves were in line with recommendations from the inspector general’s office.

“The IRS is committed to clarifying policies and procedures to ensure appropriate security provisions are included in all appropriate solicitations and contracts,” the agency said in a statement Thursday.

Asked whether the IRS knows of any incidents involving abuse of the sensitive information, the agency noted that the report did not include any findings of inappropriate use.

“Keep in mind, the IRS only provides contractors access to the necessary data needed to complete the contracted work and ensures that data is recovered or destroyed when the work is complete,” the agency said in a statement.

Josh Hicks covers Maryland politics and government. He previously anchored the Post’s Federal Eye blog, focusing on federal accountability and workforce issues.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Videos curated for you.
Play Videos
Don’t be ‘that’ sports parent | On Parenting
Miss Manners: The technology's changed, but the rules are the same
A flood of refugees from Syria but only a trickle to America
Play Videos
John Lewis, 'Marv the Barb' and the politics of barber shops
Kids share best advice from mom
Using Fitbit to help kids lose weight
Play Videos
This man's job is binge-watching for Netflix
Transgender swimmer now on Harvard men's team
Portland's most important meal of the day
Play Videos
5 ways to raise girls to be leaders
How much can one woman eat?
The signature drink of New Orleans
Next Story
Josh Hicks · August 14, 2014

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.