August 2014
Misc.11
[Misc.11] Dealing with Customer Correspondence Received
through Email
1 Introduction.
The Revenue website lists a large number of email addresses via which our customers
can transact business or request information. Customers can find out which email
address to use by referring to the Contact Locator on our website.
Revenue’s Customer Service Standards outline our commitment to reply to 50% of
correspondence (including emails) within 10 working days, 85% within 20 working
days and 100% within 30 working days. Where a full reply cannot be issued within 30
days, we will write explaining why and tell the customer when to expect a full reply.
Revenue’s Secure eMail System
There are inherent dangers in transmitting confidential and sensitive information via
external email systems using the internet as these transmissions are potentially open to
interception and unintentional disclosure.
Under the Data Protection Acts, Revenue, has a legal responsibility to put procedures
in place to ensure that personal information is protected. Maintaining the
confidentiality of customer information is of critical importance to Revenue and this
is provided for in section 851A Taxes Consolidation Act 1997.
Revenue provides a secure email system to facilitate sending and receiving sensitive,
confidential or case specific information. To ensure the confidentiality of client
information, customers and their agents should only use the secure email system when
sending personal data to Revenue via email. The Security page on the Revenue
website contains information in relation to security issues that may arise for agents
and customers in their dealings with Revenue.
Revenue staff have been instructed not to use “non-secure” email to respond to emails
containing personal or sensitive data received from “non-secure” systems. Instead
Revenue staff will use other channels to respond to the email i.e. via the telephone or
by letter.
If email is an agent’s preferred channel of contact with Revenue they should register
for and, at all times, use the secure email system. Instructions on registering for and
accessing secure email are available on the Revenue website at: Online Services –
Secure eMail.
Registration is automatic on completion of the online application. Secure email
passwords issue by post within 2-3 working days. Until the password is received by a
customer or an agent, secure email cannot be used.
1
Misc.11
Revenue has a dedicated email address for secure email queries, including those
relating to lost or incorrect passwords. Queries can be sent by “normal” email to
securereg@revenue.ie. Where a password is lost, Revenue will issue a “forgot
password” link. This allows a password to be reset if the customer can answer a
security question. If the secure email account is blocked, for example by entering the
incorrect password on numerous occasions, Revenue issues a new password to the
customer by post or telephone.
The secure email system is particularly relevant to those persons wishing to submit
queries to the Revenue Technical Service (RTS). The use of the secure email system
to communicate with the RTS is recommended as the quickest and most convenient
channel. (Guidelines on Revenue's Service to Practitioners and Business Taxpayers
are available on our website http://www.revenue.ie/en/practitioner/rts-guidelines.pdf.)
Once registered for Secure Email, a customer can send a secure email to any member
of staff in Revenue. Revenue staff can send a message by secure email if the text
SecureMail: is in the subject line.
Customers and agents should note that Revenue is currently reviewing options to
replace the existing secure email service with a web based secure contact service
similar to ROS inbox functionality and the new ‘online enquiry’ facility for
Household Charge arrears.
Dealing with Customer Correspondence Received through Email
The following instructions outline how to deal with customer correspondence
received through email and should be read having due regard to Circular E. 6344
(14/07/2014) Revenue’s Email and Internet Usage Policy, which updated Circular E.
5988 (13/10/2006). The instructions must be adhered to when using email for dealing
with external customer correspondence in order to ensure appropriate, lawful and
secure use of this form of communication.

Never ask a customer to send personal, sensitive, or confidential information
to Revenue using standard (unsecure) email.

Always validate the identity of a customer who has submitted a request via
email.

Never include personal, sensitive, or confidential information in a standard
(unsecure) email to a customer. In some cases this may require that staff delete
personal information included in the email string before issuing a reply. This
should not prevent staff from replying by email to emails received, however,
staff should not put themselves in the position of sending a reply to a customer
that contains personal or commercially sensitive information.
2
August 2014
Misc.11

Always ensure email messages are correctly addressed to the intended
customer.

Do use Revenue’s Secure Email system, or another channel (e.g. phone or
post) to communicate confidential, personal or sensitive information to a
customer.
The advice of the Data Protection Commissioner is that personal data includes Name;
Address; Date of birth; PPSN; Bank account information; Employment information;
Details of partner/ relatives/ marital situation/ children or dependant relatives.
3