Improvements are needed to ensure the security of health care information provided to the IRS by health insurance providers and pharmaceutical manufacturers and importers as part of the Affordable Care Act Information Returns Project, according to the IRS inspector general.
The AIR system will validate, accept or reject, and process branded prescription drug data and feed that data into an IRS database. The agency conducted security and other tests to identify vulnerabilities and test the functionality of the AIR Release 1 system, but improvements are needed to ensure its long-term success, said the Treasury Inspector General for Tax Administration concluded.
It recommended that the IRS’s Chief Technology Officer ensure that procedures are developed to provide direction on how to mitigate vulnerability weaknesses, vulnerability weaknesses identified are promptly corrected and resolved, that the ACA Plan of Action and Milestones adequately addresses the vulnerability weaknesses within required time frames, and that the IT implementation and Testing organization effectively manages the testing processes executed by external contractors. (Further recommendations were redacted.)
The IRS agreed with the overall nature of the recommendations and plans to implement corrective actions.
Report: http://www.treasury.gov/tigta/auditreports/2014reports/201423072fr.pdf
