IRS watchdog, CTO at odds over testing ACA-linked systems
An oversight report reveals conflicting visions of testing IRS systems that generate tax information under the 2010 health care law.
(Bacho / Shutterstock)
The IRS oversees about $2 billion of IT systems connected with the Affordable Care Act, including data systems used to confirm enrollment in health insurance for tax purposes and to determine eligibility for premium subsidies, which are paid directly to insurance carriers but tabbed as advance tax credits connected with individuals and families receiving coverage.
According to a report from the Treasury Inspector General for Tax Administration, ACA connected systems at the IRS, in particular the Coverage Data Repository, which serves as the authoritative source of enrollment data for the IRS, need to be tested on an interagency basis with the federal and state exchanges where coverage is purchased.
The TIGTA audit report, dated June 2, 2015, and released Sept. 8, determined that IRS was increasing risks to systems development, management controls and security by not completing testing of new systems releases internally, before moving on to interagency testing. The audit report also found that planned interagency testing with federal and state exchanges was not completed before the start of the 2015 tax filing season.
"It is imperative that the IRS ensures that all its information technology projects, including those associated with the implementation of the [ACA], are capable of performing the tasks they are designed to perform," J. Russell George, Treasury Inspector General for Tax Administration, said in a statement.
IRS CTO Terrence Mulholland pushed back against two key TIGTA recommendations in the report. In comments dated April 14, 2015, he said that the CDR system is tested in conjunction with the Data Hub, an ACA system that pings various government databases with queries to determine eligibility for coverage under the health care law.
The CDR, Mulholland wrote, is tested to see if it receives data from the Data Hub and replies appropriately, but direct testing between CDR and federal or state exchanges is not necessary because those systems do not directly connect. Mulholland also said that the IRS, which uses agile methodology in systems development, reserves the right to decide whether release-level testing of IRS systems and interoperability tests should be conducted in sequence, or overlap.
"Without this flexibility, development, test, and deployment efforts would have been severely hampered," Mulholland wrote.