IRS Puts Personal Identifiable Information (PII) at Risk

Jennifer Gladstone

Share

irs-pII-risk

You would hope the IRS would do everything in its power to protect your personal information. That doesn't always seem to be the case...

We talk a lot around the EBI office, and here on our blog, about the importance of making sure your vendors follow your guidelines when it comes to background screening.  In this age of identity theft, protecting your customer’s Personal Identifiable Information (PII) is one of the most important things a company can do.

At EBI, we hold our ISO 27001:2005 certification for information security, and we check out every single vendor to make sure they handle information as carefully as we do.

You would think that the Internal Revenue Service would show the same high level of respect for all of us by protecting the sensitive information we put in their care. But a new report from the Treasury Inspector General for Tax Administration says the IRS handed over a disk filled with PII from nearly 1.5 million people to a printing company that doesn’t screen its employees. The disk was filled with taxpayer names, addresses and social security numbers… basically everything an identity thief needs.  With no background screening, there is no way to know who handled that sensitive information. The IRS might have just thrown taxpayers to the wolves.

The IRS policy requires all contractors - or third party vendors - have background checks if they are going to have access to any sensitive information.  In addition to the printing company, the audit found 12 other contracts where the agency neglected to require background checks.  In 20 more contracts, contractors failed to sign required nondisclosure agreements.

There are no consequences of the breach; just a list of suggestions from the Treasury Inspector General on how to avoid problems in the future. One of the recommendations reads, “Ensure service contracts have appropriate security provisions and that appropriate background checks are conducted before they begin work.”  In short, the recommendation is to do what they were supposed to do in the first place.

So what does this mean to you? 

It’s a reminder, don’t be lazy and don’t be short-sighted or too trusting.  Anyone who works for you on a contract basis must have the same kind of background screening that you require of those on your payroll.  If contractors come on your property, have any access to work product or any contact with your customers, you cannot take a chance.  Even when you are dealing with a temp agency, make sure they are screening up to your standards.  Ignoring this step could cause a security breach or even a negligent hiring lawsuit down the line.

Discover the EBI Integrity Advantage

****

Employment Background Investigations is a technology driven leader in domestic and global pre-employment background checks, drug testing, occupational health screening and I-9 compliance. We specialize in development, implementation and management of customized employment screening programs for large and multinational clients. We are dedicated to information security.  EBI is the only NAPBS Accredited background screening company in the world to hold both an ISO 27001:2005 certification for information security and an ISO 9001:2008 certification for Quality Management.

All content provided by EBI is published for the convenience of its readers and should never be deemed as legal guidance or advice.  Always consult your legal counsel for specific advice on state laws and industry regulations.

Jennifer Gladstone

Posted By: Jennifer Gladstone

Jennifer Gladstone is a news anchor and journalist with more than 20 years of experience in front of the camera. She's worked in several markets, large and small, and has performed nearly every task needed in a newsroom. As EBI’s Screening News Editor, she keeps EBI’s customers and blog subscribers up to date on the latest screening news and legislative alerts affecting companies of all sizes.

Comments