The Internal Revenue Service (IRS) is facing slow going in implementing remaining phases of its Data Loss Prevention software solution, despite Phase 1 of the effort “working as intended,” a Treasury for Inspector General for Tax Administration (TIGTA) report found. TIGTA urged several steps for the IRS to pick up the pace of deployment.
The IRS began the Safeguarding Personally Identifiable Information Data Extracts Project, which includes the Data Loss Prevention Solution, in 2010.
The first phase of the effort – the Data-in-Motion component – was implemented by the project team, and TIGTA testing found that component was identifying and blocking personally identifiable information (PII) as intended. But delays in implementing remaining components are holding up effectiveness of the larger Data Loss Prevention solution, TIGTA said.
“The causes of the delays include technical, project management, and administrative issues,” the TIGTA report states. “Because of the delays, two key components involving data in repositories and data in use are still not operating more than eight years after the project started.”
TIGTA recommended that the IRS CIO proceed with deploying the other components of the Data Loss Prevention solution, ensure that project documents are maintained, and ensure that possible negotiating speed bumps with the National Treasury Employees Union are identified and ironed out.
The IRS agreed with the recommendations and is currently planning to deploy the remaining Data Loss Prevention solution components. IRS is also working with the National Treasury Employee Union and will inform the union of any issues that arise from implementing remaining components, the TIGTA report said.