The incidents included the theft of a briefcase containing limited information about two taxpayers from a hotel room, and a computer disk security issue which, according to the ATO, did not result in any privacy concerns for any taxpayers.

Tax Commissioner Michael D’Ascenzo explained that he wanted to assure himself and the community that current information security procedures are rigorous, up to date, and reflect changes in work practices as technology evolves.

“I take security of taxpayer information very seriously. Nothing is more fundamental to good tax administration than the security of taxpayer information," D’Ascenzo stated.

“While our security systems are sound, experience has shown that people will sometimes make mistakes. Where we can eliminate those possibilities, we will," he added.

The independent review will look at information security issues and how they relate to the Tax Office including:

• Current protections, policies, practices and assurance processes;
• How the office compares with industry best practice;
• The effectiveness of staff awareness programs;
• Classification of information;
• Different work areas and their needs;
• Emerging trends such as flexible, home-based working arrangements;
• The differences between electronic and paper forms of information; and
• Protocols for the movement and exchange of information.

“I hope to have a final report with PricewaterhouseCoopers’ findings and recommendations by March next year, at which time I will share the report and our future plans with the community,” D’Ascenzo stated.