TIGTA recommends IRS address security vulnerabilities for ACA reporting

Sovos
December 10, 2014

This blog was last updated on June 27, 2021

The U.S. Treasury Inspector General of Tax Administration (TIGTA) has published a report detailing weaknesses in the IRS system for collecting tax information returns related to the Affordable Care Act (ACA). Specifically, TIGTA examined the ACA Information Returns (AIR) Release 1 Project.

TIGTA generated the report to determine how well the IRS can mitigate risk in regard to ACA reporting. This included issues relating to fraud detection, security and testing. Based upon security assessments conducted by the IRS, TIGTA provided several recommendations for how the agency’s chief technology officer should address weaknesses found within AIR.

Here are a few of TIGTA’s suggestions:

  • There should be systems in place to find and mitigate risks. Additionally, the IRS should run vulnerability scans on all databases.
  • Current vulnerabilities must be immediately resolved.
  • The agency must develop ACA plans of action and milestones to ensure the risks are mitigated within required timeframes.
  • Third-party contractors that conduct testing processes must be managed by the IRS information technology testing and implementation organization.

The IRS did not agree with TIGTA’s assessment in all regards. However, it did issue a statement to demonstrate its commitment to developing more secure systems and addressing vulnerabilities. 

“The IRS is committed to ensuring the security of our information technology systems and maintaining appropriately configured databases,” the IRS said. “[TIGTA’s] report acknowledges our security practices and makes several recommendations that upon implementation, will contribute to our shared objective of identifying and mitigating security vulnerabilities.”

The importance of securing taxpayer data
Though the TIGTA report focused on the IRS, it points to the importance of protecting taxpayer data as it is transmitted for the health care law’s new tax information reporting requirements. Insurers, large employers and self-insured employers must all ensure they have a secure system in place for collecting necessary data that is to be furnished to the IRS.

This is particularly true as more consumers become concerned about their data, and there is a growing risk of breaches. Additionally, experts predict there will be a large-scale breach in 2015 that will give more attention to the necessity of information security for consumer health care information, according to EHR Intelligence.

Furthermore, several new tax forms were introduced and organizations are scrambling to determine which department will be responsible for ACA reporting. There is general confusion about the health care law’s provisions; therefore, employers and insurers should take steps now to ensure accurate reporting that doesn’t put member information at risk.

Check out our education section for more about ACA reporting requirements for insurerslarge employers and self-insured employers.

Sign up for Email Updates

Stay up to date with the latest tax and compliance updates that may impact your business.

Author

Sovos

Sovos is a global provider of tax, compliance and trust solutions and services that enable businesses to navigate an increasingly regulated world with true confidence. Purpose-built for always-on compliance capabilities, our scalable IT-driven solutions meet the demands of an evolving and complex global regulatory landscape. Sovos’ cloud-based software platform provides an unparalleled level of integration with business applications and government compliance processes. More than 100,000 customers in 100+ countries – including half the Fortune 500 – trust Sovos for their compliance needs. Sovos annually processes more than three billion transactions across 19,000 global tax jurisdictions. Bolstered by a robust partner program more than 400 strong, Sovos brings to bear an unrivaled global network for companies across industries and geographies. Founded in 1979, Sovos has operations across the Americas and Europe, and is owned by Hg and TA Associates.
Share this post

2025 tax filing season
North America Tax Information Reporting
November 21, 2024
Top 5 FAQs to Prepare for the 2025 Tax Filing Season

This blog was last updated on November 21, 2024 While “spooky season” may be over for most of us, the scariest time of year for many businesses is right around the corner: tax filing season. As they brace themselves for the flood of forms, regulatory updates, and tight deadlines, the fear of missing a critical […]

dtc shipping law updates
North America ShipCompliant
November 13, 2024
DtC Shipping Laws: Key Updates for Alcohol Shippers

This blog was last updated on November 13, 2024 When engaging in direct-to-consumer (DtC) shipping of alcohol, compliance with different state laws is paramount and so keeping up with law changes is critical. In 2024, the rules in several states for DtC have already been adjusted or will change soon. Here is a review of […]

sales tax vs. use taxes
North America Sales & Use Tax
November 8, 2024
Sales Tax vs. Use Tax, Explained. Who Reports What, and When?

This blog was last updated on November 19, 2024 One of the core concepts in sales tax compliance is also one of the most frequently misunderstood: the differences between sales tax and use tax. These tax types may look similar on the surface, but knowing the differences is essential for staying compliant and avoiding costly […]

2025 bond project
North America Tax Information Reporting
November 4, 2024
2025 NAIC Bond Project – The Insurer’s Guide

This blog was last updated on November 14, 2024 The regulatory landscape for insurance companies is undergoing significant changes with the Principles-Based Bond Project which is set to take effect on January 1, 2025. These changes, driven by the National Association of Insurance Commissioners (NAIC), will impact how insurance companies classify and value bond investments, […]

E-Invoicing Compliance EMEA VAT & Fiscal Reporting
November 1, 2024
VAT in the Digital Age Approved in ECOFIN

This blog was last updated on November 7, 2024 The long-awaited VAT in the Digital Age (ViDA) proposal has been approved by Member States’ Economic and Finance Ministers. On 5 November 2024, during the Economic and Financial Affairs Council (ECOFIN) meeting, Member States unanimously agreed on adopting the ViDA package. This decision marks a major […]