The IRS should do more to make sure federal taxpayer information does not fall into the wrong hands when it provides data to Obamacare’s insurance exchanges, the agency’s auditor said Thursday.
While investigators didn’t say any data has been lost or stolen yet, Inspector General J. Russell George said the IRS needs to tighten its security protocols and to make sure exchanges and other state agencies with access to data from the Affordable Care Act submit to an independent security assessment beforehand.
“The IRS must do more to ensure that federal tax information submitted to the ACA exchanges is protected and prevent its unauthorized disclosure,” Mr. George said.
While health officials have received most of the focus, the IRS plays a major role in Obamacare, doling out tax credits to Americans whose income level qualifies them for subsidies when they try to buy insurance on the exchanges.
State exchanges request limited tax information from the IRS through the federal data hub.
Investigators said neither of the state exchanges checked — California and Connecticut — had signed security authorizations in place. The authorizations were designed to make sure officials in charge acknowledged the risks of securing systems that deal in tax information.
SEE ALSO: Voters split over Obamacare, but most want candidates to move on: poll
The IRS agreed with the inspector general’s recommendations that exchanges submit the required assessment and signed authorization before they are cleared to obtain tax information.
Republican lawmakers said the report underscores their claim that Obamacare is a technological mess.
Rep. Diane Black, Tennessee Republican, said Thursday the report was “another reminder” that the Obama administration is failing to protect Americans’ sensitive information. She said the Government Accountability Office and the Department of Health and Human Services inspector general have also called on the administration to beef up security around Obamacare.
“This administration and all agencies involved owe it to the American people to ensure that their personal information is secure,” she said.
For its part, the IRS said it has a “long and proven” track record of transmitting tax data safely.
“The IRS has taken aggressive steps to ensure the protection of federal tax information shared with the Health Insurance Exchanges,” the agency said. “There have been no data breaches involving federal tax information shared with the Exchanges, and [the inspector general] did not find any specific or elevated risk to federal tax information maintained by the exchanges during the audit.”
Indeed, the inspector general said the IRS’ systems for exchanging data functioned “largely as expected” when it disclosed data to the state-run and federal exchanges more than 22 million times from October of last year through March.
• Tom Howell Jr. can be reached at thowell@washingtontimes.com.
Please read our comment policy before commenting.