The Internal Revenue Service (IRS) has protected taxpayers’ Social Security numbers on only 7 percent of the documentation it issues, according to an audit by the Treasury Inspector General for Tax Administration (TIGTA).
TIGTA reviewed a sample of IRS documents and found that a majority still contains sensitive data.
TIGTA found in a review of documents from January 2015 that among 195 notices, 891 forms, and 2,749 letters issued by the IRS that had sensitive taxpayer information—a total of 3,835 documents—only 93 notices, 116 forms, and 58 letters either masked or eliminated the sensitive taxpayer data. This means that the IRS protected data on only 267 of the total 3,835 documents, or 7 percent of the total.
The Office of Management and Budget mandated in March 2009 that the IRS should halt the unnecessary use of Social Security Numbers. But since then, the audit found that the IRS has made "limited progress" in this effort.
The inspector general conducted this investigation because the IRS issues a large volume of correspondence. It issued 141 million notices and 37 million letters to taxpayers in fiscal year 2014 alone.
Because identify theft was reported to be one of the top complaints at the Federal Trade Commission, especially identify fraud by mail, the audit was done to ensure that the IRS was making progress in protecting Social Security numbers.
"A person’s Social Security Number is the most valuable piece of personal data identity thieves can obtain," said J. Russell George, a TIGTA official. "The fact that the IRS does not have processes and procedures to accurately identify all correspondence that contain Social Security Numbers remains a concern."