PAYE100050 - taxpayer records: COP records: wider access

When the COP computer system was first introduced, a system of Privacy and Access was included which allowed access to taxpayer records on the basis of legitimate business need. In multi-Management Unit offices, this access was extended to permit office management to allocate access rights for certain users to records in other Management Units within the office.

In order to provide a continuing effective service to customers in view of the developing change programme, it was decided that certain aspects of a taxpayer record could be viewed by another Processing Office. In certain cases it is not possible to access a taxpayer’s record at all. For example, records that have the Inspector Only signal set.

If a Processing Office owns a record for a celebrity, local dignitary or other well known person, and the Inspector Only signal is not already set on the record, the office management should consider the operational benefits of providing wider access. That is do they outweigh the potential for embarrassment if such personal information were to be disclosed, without authority, to a third party.

If safeguarding the information from unauthorised disclosure is more important, you should set the ‘Inspector Only’ signal on the taxpayer record. This means only an authorised user can work the case, so there are operational considerations you must bear in mind when reaching your decision.

Confidentiality of Information

You must make sure that any information that you acquire in the course of your work, especially about customer's affairs, is not misused or discussed outside the Department without authorisation. A serious view is taken of any failure to observe proper standards of confidentiality and customer privacy. Any breach will be investigated and disciplinary action up to including dismissal may be taken against the individual involved.

You should not attempt to access or browse your own records or records of family members, friends or celebrities. Ensure that you understand and observe the procedures at HRLG3.2.5 ‘Confidentiality and customer privacy’.

Now that taxpayer records can be accessed in other Processing Offices, you need to be even more careful in ensuring information is only given out to a caller if they prove beyond doubt that they are who they purport to be. You should remember

• Unscrupulous callers will know about the facility and they are more likely to make bogus calls to offices that do not own the taxpayer record than the owning office. If they fail to obtain the answer from one office, there is now nothing to stop them trying another office for the same information
• It is unlikely that an agent acting for a taxpayer will contact an office other than that which deals with his client. The receipt of this type of call should also make you suspicious
• Another Processing Office should have no need to telephone you for information that you can view using wider access. On receipt of such a call you should become suspicious

If the computer system is unavailable there may be an emergency need for a telephone call. If you receive a call from another Processing Office you should

• Take the telephone number of the caller
• Check that it is the correct number for the Processing Office
• Telephone back with the information

To confirm a personal caller’s identity

• Ask to see some form of verifiable identity

• A driving license

To confirm a telephone caller’s identity

• Take their telephone number and offer to telephone back

• Before phoning back check the number using a directory or enquiry service
• Determine if there is any information held on the taxpayer record which is likely to be known only by them

If you have any doubt at all do not give out confidential information to a caller either in person or over the telephone

To conform to legislation, HMRC must ensure that computers are not being used unless there is a legitimate business need. This applies equally to viewing records as it does to updating them. An audit trail is created each time a user accesses a record and any unauthorised or inappropriate accesses will be considered for action under the Department's Conduct and Discipline rules, and may also constitute a criminal offence.