This service is available through the IRS’s Taxpayer Digital Communication (TDC) program. In accordance with Section 208 of the E-Government Act of 2002, TDC undergoes routine Privacy and Civil Liberties Impact Assessment (PCLIA) reviews to ensure it conforms with applicable legal, regulatory and policy requirements for privacy. Review the PCLIA for TDC PDF for more information. Where We Host Your Data Amazon Web Services GovCloud, certified as FedRAMP high, hosts TDC and its data. FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products. Through this, TDC follows increased government security and compliance requirements. Visit the AWS GovCloud website for more information. How You Know the System Is Secure TDC follows federal security standards from the National Institute of Standards and Technology, the Office of Management and Budget and the Federal Information Processing Standards Publication. TDC has an annual audit under the Federal Information Security Modernization Act and Security Control Assessments to ensure it meets these cybersecurity practices. Also, the system undergoes Digital Identity Risk Assessment reviews to assess and mitigate risks associated with electronic transactions in accordance with IRS requirements. See IRM 10.10.1.10. Data Encryption TDC handles and stores information in the eGain database using AWS Elastic Block Store (EBS). It encrypts information using federally approved Advanced Encryption Standard-256. Virus Checks TDC uses an enterprise solution to perform antispam, antivirus and content-filtering of inbound and outbound communication. A virus scan checks all inbound and outbound attachments. The TDC system does not accept attachments with embedded executable files such as .EXE, XML or PIF.