006.05.98 Ark. Code R. § 025 - Regulation 1998-7 - Prohibition Against Browsing or Unauthorized Access

Pursuant to the authority provided in Ark. Code Ann. § 19-1-208 (1987), Ark. Code Ann. § 26-18-301 (1987) and Ark. Code Ann. § 25-15-201, et. seq. (1987) (the Arkansas Administrative Procedures Act), the Acting Director of the Arkansas Department of Finance and Administration hereby promulgates the following Regulation.

In accordance with the confidentiality provisions of ACA 26-18-303 and 26-51-813, all Department employees have an ethical and legal obligation to respect the privacy of taxpayers and any information entrusted to the Department. As such, and in compliance with the Taxpayer Browsing Protection Act (also known as the Unauthorized Access (UNAX) Act) ( Public Law 105-35 ), all employees are strictly prohibited from browsing, or engaging in any unauthorized access and/or inspection of, taxpayer information. "Employee" is defined to include all temporary, probationary and permanent employees, at all grades and levels. Therefore, in order to promote and maintain taxpayers' privacy, and preserve the confidentiality and security protections provided by the Department, all employees shall adhere to the following "Privacy Principles":

Principle 1:	Protecting taxpayer privacy and safeguarding confidential taxpayer information is a public trust.
Principle 2:	No information will be collected or used with respect to taxpayers that is not necessary and relevant for tax administration and other legally mandated or authorized purposes.
Principle 3:	Information will be collected to the greatest extent practicable, directly from the taxpayer to whom it relates.
Principle 4:	Information about taxpayers collected from third parties will be verified to the extent practicable with the taxpayers themselves before action is taken against them.
Principle 5:	Personally identifiable taxpayer information will be used only for the purpose for which it was collected, unless other uses are specifically authorized or mandated by law.
Principle 6:	Personally identifiable taxpayer information will be disposed of at the end of the retention period required by law or regulation.
Principle 7:	Taxpayer information will be kept confidential and will not be discussed with, nor disclosed to, any person within or without the Revenue Division other than as authorized by law in the performance of official duties.
Principle 8:	Browsing, or any unauthorized access of taxpayer information by any Revenue Division employee, constitutes a serious breach of the confidentiality of that
information and shall be grounds for termination of employment. Any person who , unlawfully engages in browsing or other unauthorized access will be reported to the Internal Revenue Service Office of Inspection and will be subject to all civil and criminal penalties provided by state and federal law.
Principle 9:	Requirements governing the accuracy, reliability, completeness, and timeliness of taxpayer information will be such as to ensure fair treatment of all taxpayers.
Principle 10	The privacy rights of taxpayers will be respected at all times and every taxpayer will be treated honestly, fairly and respectfully.

Notes

006.05.98 Ark. Code R. § 025

10/14/1998