IRS fails to protect taxpayer e-mails
According to a 2010 audit, IRS employees are disregarding the agency's e-mail policy and may be unnecessarily exposing the release of taxpayer data.
Federal investigators' findings, according to NextGov, include:
- Thirty-six percent of IRS workers authorized to e-mail taxpayers received 128 unencrypted, unsecured e-mail messages.
- Twenty-one percent of the people who sent the unencrypted e-mails to IRS were not the taxpayer.
- Twenty-one unencrypted e-mails messages were sent to 14 taxpayers from IRS staff members not authorized to e-mail taxpayers.
- More than a third of unauthorized IRS employees received unencrypted e-mail messages from 64 taxpayers.
Taxpayers are taking a risk if they decide to exchange e-mail messages with Internal Revenue Service staff members, according to a 2010 audit that found appropriate measures were not taken to ensure the messages were indecipherable to intruders, reports NextGov.
It may take until July 2012 until the IRS will be able to install a tool that can monitor for unprotected e-mails, and meanwhile the service's inspector general has recommended that the IRS terminate communication agreements with filers who continuously fail to code sensitive e-mail messages.