TIGTA recommends IRS address security vulnerabilities for ACA reporting

Sovos
December 10, 2014

This blog was last updated on June 27, 2021

The U.S. Treasury Inspector General of Tax Administration (TIGTA) has published a report detailing weaknesses in the IRS system for collecting tax information returns related to the Affordable Care Act (ACA). Specifically, TIGTA examined the ACA Information Returns (AIR) Release 1 Project.

TIGTA generated the report to determine how well the IRS can mitigate risk in regard to ACA reporting. This included issues relating to fraud detection, security and testing. Based upon security assessments conducted by the IRS, TIGTA provided several recommendations for how the agency’s chief technology officer should address weaknesses found within AIR.

Here are a few of TIGTA’s suggestions:

  • There should be systems in place to find and mitigate risks. Additionally, the IRS should run vulnerability scans on all databases.
  • Current vulnerabilities must be immediately resolved.
  • The agency must develop ACA plans of action and milestones to ensure the risks are mitigated within required timeframes.
  • Third-party contractors that conduct testing processes must be managed by the IRS information technology testing and implementation organization.

The IRS did not agree with TIGTA’s assessment in all regards. However, it did issue a statement to demonstrate its commitment to developing more secure systems and addressing vulnerabilities. 

“The IRS is committed to ensuring the security of our information technology systems and maintaining appropriately configured databases,” the IRS said. “[TIGTA’s] report acknowledges our security practices and makes several recommendations that upon implementation, will contribute to our shared objective of identifying and mitigating security vulnerabilities.”

The importance of securing taxpayer data
Though the TIGTA report focused on the IRS, it points to the importance of protecting taxpayer data as it is transmitted for the health care law’s new tax information reporting requirements. Insurers, large employers and self-insured employers must all ensure they have a secure system in place for collecting necessary data that is to be furnished to the IRS.

This is particularly true as more consumers become concerned about their data, and there is a growing risk of breaches. Additionally, experts predict there will be a large-scale breach in 2015 that will give more attention to the necessity of information security for consumer health care information, according to EHR Intelligence.

Furthermore, several new tax forms were introduced and organizations are scrambling to determine which department will be responsible for ACA reporting. There is general confusion about the health care law’s provisions; therefore, employers and insurers should take steps now to ensure accurate reporting that doesn’t put member information at risk.

Check out our education section for more about ACA reporting requirements for insurerslarge employers and self-insured employers.

Sign up for Email Updates

Stay up to date with the latest tax and compliance updates that may impact your business.

Author

Sovos

Sovos is a global provider of tax, compliance and trust solutions and services that enable businesses to navigate an increasingly regulated world with true confidence. Purpose-built for always-on compliance capabilities, our scalable IT-driven solutions meet the demands of an evolving and complex global regulatory landscape. Sovos’ cloud-based software platform provides an unparalleled level of integration with business applications and government compliance processes. More than 100,000 customers in 100+ countries – including half the Fortune 500 – trust Sovos for their compliance needs. Sovos annually processes more than three billion transactions across 19,000 global tax jurisdictions. Bolstered by a robust partner program more than 400 strong, Sovos brings to bear an unrivaled global network for companies across industries and geographies. Founded in 1979, Sovos has operations across the Americas and Europe, and is owned by Hg and TA Associates.
Share this post

dtc spirits new york
North America ShipCompliant
February 14, 2025
A New Era for DtC Spirits Shipping: How New York’s Market is Taking Shape

This blog was last updated on February 14, 2025 In the fall of 2024, New York became the latest state to open its doors to direct-to-consumer (DtC) spirits shipping, marking a significant milestone for the industry. As one of the most populous states with a thriving market for craft and high-end spirits, the shift was […]

North America Unclaimed Property
February 10, 2025
Delaware Announces 2025 VDA Invitation Dates

This blog was last updated on February 14, 2025 Mark your calendars – April 11, 2025 and August 15, 2025 are this year’s anticipated release dates for the Delaware’s Secretary of State (SOS) VDA program invitations. In the event that an organization receives an invitation to participate in the Voluntary Disclosure Agreement (VDA) program  , […]

North America Sales & Use Tax
February 6, 2025
The Tariff and Sales Tax Mishmash – Untying the Mess

This blog was last updated on February 14, 2025 Talk of tariffs dominates the current news cycle with some commentators suggesting that tariffs will spell disaster for our economy while others say the exact opposite. We’ve seen the stock market sometimes fluctuate as tariffs are announced but later suspended, leaving us to wonder whether an […]

retailer dtc wine shipping
North America ShipCompliant
February 6, 2025
Retailer DtC Wine Shipping: The Time Has Come

This blog was last updated on February 14, 2025 By Tom Wark, Executive Director, National Association of Wine Retailers We are often reminded by the media and those in the wine industry—as well as by wine enthusiasts—that the three-tier system of alcohol distribution in most states hinders consumer access to the expansive number of wines […]

Montana 1099-DA
North America Tax Information Reporting
February 5, 2025
State Filing Alert: Montana’s New 1099-DA Requirements for Crypto Brokers

This blog was last updated on February 5, 2025 Reporting digital asset transactions on Form 1099-DA just got a little more complicated. For 2025 transactions, crypto brokers that file Form 1099-DA with the IRS will be required to file the 1099-DA with the State of Montana. This makes Montana the first state to introduce a […]