Beta This part of GOV.UK is being rebuilt – find out what this means

HMRC internal manual

Debt Management and Banking Manual

From
HM Revenue & Customs
Updated
, see all updates

Customer contact and data security: contact with third parties: disclosing information

The general rule when dealing with unauthorised third parties is that we can receive information but we must not disclose information or conduct a two way conversation unless we have prior authority from the customer.

If you are faced with a situation where a third party is offering vital or useful information then you should

  • take a note of

    • the information
    • who the third party is and their
    • relationship to the customer (if any)
  • note all this information on the IDMS notes and other HoD notes where necessary.

If you are given new designatory details you should not change any of the customers details without verifying them first, see DMBM512150.

If you are offered payment or the third party wants to set up a TTP, see DMBM511645.

You should be careful not to inadvertently give out any information to a third party and not allow yourself to be led into giving it away. If the third party asks you for confirmation or information you should explain that you are unable to disclose any information without the customers consent and where necessary ask the customer to call in themselves.

(This content has been withheld because of exemptions in the Freedom of Information Act 2000) DMBM510280(This content has been withheld because of exemptions in the Freedom of Information Act 2000)