Is IRS in Position to Protect Taxpayer Personal Information?

The IRS handles the files of thousands of individuals every day and hundreds of millions of individuals each year.  Based on the sheer volume of data the IRS stores and transmits, it is no surprise the IRS will mishandle that information at times.  But when it happens to you, especially because the IRS is not following its own procedures, it does not make it any less bothersome or concerning.

Such is the case with one man in California whose personal information the IRS faxed recently to the wrong location because they did not verify the fax number.

As first reported on, the IRS intended to send 10 pages of income data for the years 2010 to 2012 to the man’s certified public accountant.  Instead, the IRS sent the information to TO Tire Supply, an auto supply company located in the same Los Angeles suburb as the accountant.

The loss of this type of information is especially concerning since it provides everything someone needs to transfer all of the money out of the individual’s bank accounts.  Even worse, someone with this information would now have enough to commit identify theft, using that person’s information to open new lines of credit.

“This information shouldn’t be in anyone’s hands but the person who owns the information,” noted Derek Broes, a relative of the owner of TO Tire Supply.  “There’s a whole lot of stuff here to do a whole lot of destruction.  His life could be destroyed.  You don’t handwrite this type of information, it has to be verified.  It’s pretty bad.”

The cover page on the fax bore the following verbiage, which made it clear personal information followed:

“This communication is intended for the sole use of the individual to whom it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law.  If the reader of this communication is not the intended recipient or the employee or the agent for delivering the communication to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication may be strictly prohibited.”

While this warning would perhaps lead an honest person to destroy the information that followed to seek to get it into the hands of the correct recipient, a thief might not respond in such a manner.  Rather, if this information had fallen into the hands of someone bent on making some easy money, the disclaimer would likely do little to dissuade them from the theft.

Employers have strict guidelines they must follow to protect the personal information of their employees.  However, the time employers take to follow those requirements becomes moot when the IRS, who holds that personal information for all employees, does not take similar precautions.

“A chain is only as strong as its weakest link,” added Broes.  “Either get it right or don’t do it.  It’s a joke.”

Broes contacted the IRS to report the inadvertent receipt of the fax.  However, at the time of the writing of this story, he had not received a response.

Beginning in 2014, with the creation of ObamaCare, the IRS will have additional responsibility for handling certain medical information of taxpayers to ensure they are reflecting expenses properly on their tax returns.

Connect with Mark on Google+

by Mark Johnston

Mark has been a contributor to legal web sites related to bankruptcy, tax, and criminal law since 2011. He has an Accounting degree from Texas A&M University.