🔒Analysis of IRS Insider Risk Management Privacy Act Exemptions
Privacy Act of 1974; Exempting a System of Records From Certain Requirements
Summary
In accordance with the requirements of the Privacy Act of 1974, as amended, the Department of the Treasury is issuing a final rule, exempting a new Internal Revenue Service (IRS) system of records (SOR) entitled "Department of Treasury/Internal Revenue Service-- 34.018, Insider Risk Management Records" from certain provisions of the Privacy Act. The IRS Insider Risk Management system was established for information collected in connection with the IRS Insider Risk program to identify potential threats to IRS resources and information assets and facilitate management of insider threat investigations, complaints, inquiries, and counterintelligence threat detection activities. Specifically, the Department exempts portions of this SOR from one or more provisions of the Privacy Act because of criminal, civil, and administrative enforcement requirements.
Agencies
- Treasury Department
Business Impact
$$ - Med
The regulation involves the IRS system of records for insider risk management, requiring compliance from businesses handling sensitive data. The exemptions from the Privacy Act could impact businesses by altering data-sharing protocols, necessitating adjustments in privacy practices.