Our friends at ATR flagged a report from a few weeks ago from the Treasury Inspector General for Tax Administration (TIGTA) finding the IRS still has no regard for the security of confidential taxpayer information.
The report found:
The IRS did not maintain secure bins as required for sensitive documents waiting to be destroyed. The IRS used open containers and bins with disposal slots that have been altered or were in poor condition, allowing access to discarded sensitive documents.
The IRS no longer performs on-site inspections at facilities where sensitive documents are brought for destruction to ensure proper disposal…
Figure 4 provides examples of trash containers being used for all waste, including sensitive documents that contained tax information and Personally Identifiable Information.
As of October 2023, 387 facilities are covered under a national contract, and 17 facilities are covered by a local, stand-alone contract for sensitive document destruction, out of the 514 IRS facilities.
The use of these open trash containers exposes sensitive documents for anyone (employees, contractors, or visitors) to retrieve, which can cause a potential unauthorized access and disclosure incident. Once the trash leaves the IRS facility, it is possible someone could access sensitive information.
Remember this the next time some genius in congress proposes yet another informational reporting requirement to the IRS.