IRS Needs To Bolster Protection for Taxpayer Data Sent to Exchanges
The Internal Revenue Service needs to enhance its security protocols to ensure the protection of taxpayer data that are submitted to the Affordable Care Act's health insurance exchanges, according to an audit by the Department of Treasury's inspector general, the Washington Times reports (Howell, Washington Times, 10/23).
Under the ACA, IRS is required to calculate the maximum amount of tax credits available to eligible U.S. residents purchasing coverage through the exchanges and ensure the total subsidy amount aligns correctly with their income level. According to The Hill, the ACA allows the agency to share certain tax information with state exchanges to facilitate the subsidy assessment process.
Audit: IRS Must Do More To Protect User Data
DOT Inspector General Russell George in the audit said IRS does not do enough to ensure that tax information is safe before it is released to the exchanges (Becker, The Hill, 10/23).
Specifically, investigators found that neither the California nor Connecticut exchanges -- the two checked in the audit -- had signed security authorizations in place to make officials aware of the risks of securing systems that contain tax data (Washington Times, 10/23). In addition, the audit found that the agency does not require the state exchanges to perform a security check before receiving the tax data (The Hill, 10/23).
The inspector general recommended that the exchanges submit a signed authorization and required assessment before IRS can send them taxpayer information.
IRS agreed to the recommendations (Washington Times, 10/23). However, the agency also said that it has taken "aggressive steps" to protect taxpayer data and that no "specific or elevated risk to federal tax information maintained by the exchanges" was found during the audit (The Hill, 10/23).This is part of the California Healthline Daily Edition, a summary of health policy coverage from major news organizations. Sign up for an email subscription.