I buy widespread incompetence in government IT management in general and the IRS in particular. (Not commenting on the political valence of this, in observance of the HN politics rule.)
Last year, after requesting an ITIN for my wife (who is not a US citizen and thus requires an SSN-esque replacement to be able to file joint taxes), we received two letters from the IRS. One had the ITIN. The other denied our request for the ITIN on the basis that "We have already issued her an ITIN." Apparently, the IRS explains, that second letter should have immediately set my accountant and I to doing forensic debugging of their protocols, because it means that something "seriously wrong" happened to our returns.
What? Glad you asked. See, the IRS had lost my return. "What?" The paper was "in the building somewhere" -- we had gotten a receipt -- but they were unaware of what desk it was at. (Their first hypothesis was "You failed to file", and they threatened penalties for that, until being confronted with a Post Office return receipt. Which is, by the by, why you should always get a receipt.)
My accountant took over yelling at them for a while to find the return, and they eventually did, and -- miracle of miracles -- they typed it into the computer. Twice. Thus generating two separate and equal returns going through non-idempotent processes, such as ITIN generation.
When those two returns met up in the reconciliation stage, they blocked each other from processing. No one at the IRS noticed this, for approximately 7 months, until my third call to their CS line got someone to actually look at the file. She hit "delete" on the duplicate. (I really hope she was simplifying that for me, because it scares me if they can actually delete anything.) Return processed almost immediately, refund check cut 48 hours later.
I almost feel sorry for them on being unprepared to unearth potential political malfeasance, because that is after all a distraction from the day to day administration of the Revenue Code, but processing returns is, as the saying goes, "their only job."
"She hit "delete" on the duplicate. (I really hope she was simplifying that for me, because it scares me if they can actually delete anything.)"
I read a blog post once by a former IRS employee who claimed to have been forced to run major sql commands against a live db in his boss's office with a bunch of other senior execs looking on.
This was supposed to have happened in a regional office and the db was not of primary importance but not insignificant either.
My experience (fortunately relatively brief) of the American healthcare system's IT was that it could hardly get worse, although perhaps tempting fate is unwise. Lost records, insurance filings never coded or processed correctly; the only way anything got done was waiting on the phone for hours to get claims fixed, and photocopying records myself to have a copy I could physically carry somewhere. My favorite almost-worked-but-not-quite case was when an ophthalmologist managed (after 4 weeks) to get a copy of a retinal scan from my previous doctor in another city... but the photograph was sent as a completely unreadable fax, in the year 2010.
Yes, the system is an embarrassment, but Obama knew the Only
possible way to provide Americans with Insurance was to use
for for profit insurance companies. I have huge concerns over health care, but at least I know I won't end up in Superior Court and lose my house if I get sick. I didn't
have insurance when the Obama administration was trying to provide a Universal Healthcare Plan--the Republicans and even some Democrates were ruthless, and beyond dogmatic at
attacking him. Obama knew if he didn't do something; we
would have nothing!
So Yes, Health Care is a mess and we need to fix it. I feel we need some drastic changes; We need tort reform for
Doctors. We need to build more medical schools, and offer
a free education to the best applicants. Many drugs should
be OTC.(If people abuse the system--they would lose the privilege). Use of fingerprints could weed out the Narco
pill poppers? Patients on long term, daily medication should be able to refill their prescriptions--up to a year.(This would include long term pain management drugs). I
could go on and on, but we need to drastically change the
system, or at least do pilot trials?
I don't have all the answers; I'm just tired of doctors dragging me into office visits for no real reason--other
than to take my money, or charge the Insurance companies.
The next time your refills run out and you have to schedule
an office visit you will know my frustration.
I'm a Nobody, and basically just venting. Sorry about the
lenght of this post.
> but at least I know I won't end up in Superior Court and lose my house if I get sick
That would not have happened anyway. If you can't pay a medical bill then don't. Just ignore it. Absolutely nothing will happen.
They might send you letters or call, but why subject yourself to that? Don't open the mail and don't answer the phone (they are required to use caller ID).
People are worried about credit rating but medical bills are excluded from that.
It's also worth noting the major proposed legal reform for the medical debt / credit score issue, the Medical Debt Responsibility Act is primarily about removing paid medical debt from credit reports:
I have personal knowledge of a Children's Hospital taking the home of the parents of a 13 month old infant who received a liver transplant and had ran up at 3 million dollar bill in the hospital.
A little backstory -- I love to volunteer. Fire/EMS, STEM, Kids, you name it, if it's a cause that I support, I'll generally be there with a bell if I've got the free time. One of my non profits that I do a fair amount of technical and 'feel-good' work is a foundation that caters to small children who have terminal or other serious illnesses and helps their family out.
One night in 2013, a rather distraught woman came in saying that Children's had placed a lien on her home because of the unpaid medical bills; apparently, they had moved, civil service sucks in Ohio, and had a default judgement against them. New collections company comes in, finds this family, and then places a lien on her homes, car, and gets a court order to garnish their bank account.
Ultimately, it took a pro-bono attorney about 80 hours to get the entire mess cleaned up. Today, the little guy is almost 4 and the family has a clean title on their home and car, and as long as she keeps less than $2K in her checking account at all times and only has the one home and one car, Children's will never come after her for the money that is owed, and in 3 years, they'll wipe away the debt.
I'm actually sure that overdue medical bills ARE included in your credit rating, from personal experience, I can tell you, not paying your med bills will kill your score.
As someone who is currently in the midst of dealing with 2 separate (and seemingly completely siloed) departments at the IRS as a result of someone stealing my identity, this scares the crap out of me. I've dutifully and quickly followed each department's instructions, and am hoping with all my might that I'll be 100% in the clear after their 180 day (laughable itself) waiting period, but this just sent a shiver down my spine. Hope I get lucky!
A few years ago I interviewed for a senior architect position on an IRS contract. To get the job I had to interview with the subcontractor who was filling the position, then with the prime contractor and finally with the IRS. You had to be accepted by all 3 layers, plus get through salary negotiations to get the position.
The principle job was to build a fraud investigation system by integrating a COTS analysis tool into the IRS systems to automatically generate cases for fraud investigation officers to review. One hitch, as I found out after getting through the gauntlet of interviews, the COTS product that they wanted to use wasn't built to support this kind of integration and the vendor wasn't interested in forking off a special build just for the IRS.
So I asked them a simple question "knowing what I know about this product, and the fact that it can't be integrated as desired, it seems that this is an impossible task, as the senior architect, I'd want to be clear that I have powers to restart the selection process of the tools and systems so I can build a solution that would actually perform as required, would I have this authority?"
At this point, the senior manager from the prime and the pm from the government side got very agitated. You see, there was only 2 months to get a basic system functional and as a result the selection and purchase process had already been completed.
"Without anybody leading the process?"
This was apparently the wrong question, as I had hit some sort of embarrassing point I shouldn't have dug into. They pretty much just wanted somebody in the role to rubber stamp the crap decisions they had already made. They became very defensive, there was some raised voices. I told them I wasn't interested in that kind of position and walked out.
2 years later I found out that they had scrapped the program completely after spending goodness knows how much money and were restarting the entire thing from scratch.
My gut feeling is that this new program too will fail since any working system would likely detect the fraud in their IT acquisition and management.
Not that you did anything wrong, but an IT architect restarting the selection process would, ironically enough, be a violation of the Federal Acquisition Regulations.
The correct way to go about it is to solicit for proposals, and any interested applicants will create a proposal. The submitted proposals will be reviewed by an applications board consisting of contracts officers, COTRs (Contract Officer Technical Rep, IIRC) and maybe a couple of architects, and judged against the criteria established in the solicitation, which may state that the technical superiority is more important than price, or what have you.
Presumably, either the sub or the prime contractor you were interviewing with had already submitted such a proposal, and was obligated to do the work as advertised in their proposal.
If they believed that it couldn't be done, the prime and/or sub-contractor would likely have been fired on inability to deliver, and the government would have had to re-solicit for the project altogether.
I worked for a company that sold EMC products. one of those was an email product that made sure companies captured ALL emails for ETERNITY. these were mainly banks, where (pardon my spelling) sarbanes oxley required banks to keep them (always and forever). emails from say exchange would be copied before it went to their in box, stored on disk and also immediately stored to optical media, which would also automatically be copied. not getting into the other parts that prevented emails from being lost,
I havent worked at that job since 2007. I find it unbelievable that any major government organization such as the IRS does not make sure ALL emails are never lost.
edit: the fact that they lost emails is a huge scandal in its own right IMO
The official party line from Koskinen's testimony this week is that IRS staff members are individually responsible for determining what email is "official" IRS correspondence, then...I shit you not...printing hardcopies of those emails and filing them into physical file cabinets. All other email is subject to a capacity quota, and staff members are instructed to rotate out the email sitting on the servers to free up space when needed, rotating the old email into PSTs on their IRS-issued laptops/desktops (they use Exchange/Outlook).
I would be interested to find out what the email lossage rate is for IRS staff. Not just the 6-8 individual members identified in relation to the Lerner issue, but across the entire organization (even more interesting would be a statistical analysis of the Lerner Group's lossage rate compared to the organization-wide rate).
The NSA has proven the Federal Government has the wherewithal to record everything. I'd like to see what the arguments are against Congress mandating that all forms of communication (snail mail, email, voice comms, telex, etc.) at all Federal agencies for all Federal employees are continuously e-vaulted.
It's probably true. Most of the government is busy moving to cloud email, but the IRS's IT security bible -- Pub 1075 is too prescriptive and narrowly focused (it includes mandates for things like rack door locks) to allow that to happen. So they are probably stuck paying some contractor $50/GB for SAN disk to run mail.
After the South Carolina Tax Department was owned, lack of encryption was the main technical issue, so encrypting "all of the things" is probably their main focus.
As a government employee, records management is a shitshow. There's a 50 page schedule of documents with prescriptive retention periods -- but these are intended for the "record copy" only. An email itself isn't a document. Employees either squirrel away everything or toss everything... The higher up you go, the more you toss.
None (Edit: I'm talking about digital data retention) of this even matters when you take into account the fact that it is IRS policy to print out each and every e-mail sent and received by their employees. One would assume that this is required to maintain a permanent record of all communications for the Federal Archives and for legal matters that arise for confidential taxpayer cases.
"The Treasury Department’s current email policy requires emails and attachments that meet the definition of a federal record be added to the organization’s files by printing them (including the essential transmission data) and filing them with related paper records."[0]
So why have the emails in question not surfaced in paper form yet? If the whole scandal and potential lawsuits are riding on missing emails, which should have been printed and archived from day one, where the hell are they?
As I understand it, the policy is that only emails that should be permanent, official records are supposed to be saved - and the judgement of what those are is left up to the individual employee. If you're someone investigating that employee, you're not going to trust that judgment. You'd want to see all of the employee's emails - even ones about lunch plans and carpool arrangements. Not to mention going through thousands of of paper emails is likely to be even more labor-intensive than the electronic search and review so far.
My friend works at the IRS, and his computer, network, software and environment are a complete nightmare. Each congress votes less and less budget because they don't want their wealthy buddies to get audited or the corps that give them money to be messed with. So the agency responsible for collecting most of the US governments revenue gets further and further behind. Some politicians even want the agency abolished. How revenue comes in then is beyond me. Sure all government agencies waste money but the IRS is one of the few that actually brings money in. Like the Post Offices's crippling advanced pension payment that makes them constantly in the red, political decisions about funding is very much a large part of the problem. My friend just wants to retire and get out of there before it reaches the Stone Age.
"...and his computer, network, software and environment are a complete nightmare."
Are we talking P4 and XP here or something worse? Just interested (I teach and we have mostly Core Duos with 2G/4G and log into a roaming profile system based on Server 2008, all seems to work ok).
I'm seeing this line of thinking a lot, and it's driving me bonkers:
> A private company under investigation that responded to regulators, or a judge, with this sort of explanation rather than producing the requested documents would rightly expect to be handed an adverse judgment or a whopping fine.
Why? Since when is the onus to disprove on the defense and the onus to prove not on the plaintiff? If you suspect a conspiracy to cover up one's tracks, you can go after the defendant additionally for that. But you still have to prove it. I'm not a lawyer but if there is any truth to this statement it is a tarnish on our judicial system. A legal system that convicts based on the possibility of IT problems is hardly reliant on surpassing "reasonable doubt."
She's only referring to your duties to not actively destroy evidence.
If you have a regular expiration cycle for data, that's not a problem, unless you're informed you're being sued or otherwise investigated, at which point it's incumbent for you to turn off that process, and do whatever's necessary to continue to preserve the data.
There are other reasonable things that can trigger the requirement to not destroy data.
The only thing you would be required to prove, if you do lose such data, is that it was entirely accidental, and you didn't have any culpability. Say a tornado destroyed the office with the only set of paper copies, and it was reasonable for you to only have that one set.
"Such policies indicate either an agency that is not concerned with preserving good audit chains or one that has an extremely penny-wise, pound-foolish approach to IT policy."
What happened to the hard drives of everyone she sent emails to, certainly parts of the email chains in question are somewherre on the hard drives of the people she corresponded with
What about the other missing emails? Did six other hard drives also crash?
The House Ways and Means Committee says that this past Monday, the IRS told them that the agency also lost emails belonging to six other IRS employees whose hard drives had also crashed.
One of those six employees was particularly important: Nikole Flax, who had worked as chief of staff to the former head of the IRS. Flax was known to be involved in discussions about the tea party targeting.
This was discussed in the article, they have some of those but it's difficult to systematically search a bunch of personal, one off backups. And it wouldn't include any outside communication with e.g. The whitehouse, which is one of the most damning allegations.
He's probably not referring so much to the specific limits on mailbox size as he is to the policy of forcing responsibility for maintaining permanent archives on the users of the system rather than the administrators of it.
I find it interesting she was archiving on her local hard drive in 2011. Especially given the stories of things people found on hard drives bought at scrap auctions. A better question might be "is it better now?" or not, I'm guessing not.
What's interesting is that in many really large Windows based enterprises I've seen. The space your desktop points to is on a network someplace. You can use this for roaming profiles and all sort of other things (quotas, centralized virus scanning etc.) Everything else on the system is not accessible to the user. So even if you archive your outlook stuff into a PST on your desktop, it's still on the network someplace an admin can get to it. I've even seen this used to recover emails from terminated employee's accounts.
Why archive at all? My guess is that their exchange server has some absurd quote that requires you to purge after you hit 50MB of mail or something. Nobody wants to delete things, so users generally just move old mail into PST files.
This seems to be the default 2 choices for government agencies lately when something bad happens: either they were incredibly incompetent, or they're lying about it. Neither of which puts them in very good light.
There's nothing about this tale of incompetence that's particularly incredible. A lot of privately-run businesses apparently have the same mess when it comes to e-mail archiving - central e-mail storage has restrictive quotas and users have a bunch of PST archives stored locally on their work laptops. It tends to come with running an Exchange server because central storage is expensive and hard to maintain. Don't think the manual printing and archiving of e-mails is terribly unusual either, though most places don't bother.
Doesn't the federal government already have an entire organization dedicated to preserving and archiving every email sent by government employees, as well as members of the public? The NSA?
The IRS cannot spend money on things it's not budgeted for. Did you know the IRS returns $7 in additional taxes for every $1 in fraud prevention funding it gets at the moment?
Literally, a 700% return on investment, yet when was the last time any budget passed by congress raised funding the IRS to hire more auditors?
EDIT: Or let's take the articles conclusion: yes, obviously the government agencies should do better. So naturally we can conclude that the Republicans championing this investigation will be pushing through legislation mandating and funding appropriate upgrades - after all it seems like the inquiry has revealed serious issues which require some dedicated staffing and finance to sort out for a very important agency of the government.
Of course obviously that actually means this will never happen.
Well they did spend 1.8 billion on IT last year. Invariably every government agency says it needs more money when something goes wrong. I don't think its unreasonable to think that the IRS should be able to at least store email for $1.8B. The real question is what did they get for $1.8B.
The federal budget is very loose (unless Congress specifies something specific.
For example, According To The US Government Printing Office, Section 554 of the Bipartisan passed H.R. 4660, An Act Making appropriations for the Departments of Commerce and Justice, Science, and Related Agencies for the fiscal year ending September 30, 2015, and for other purposes.
"Sec. 554. None of the funds made available in this Act may be used to carry out Operation Choke Point."[0]
My point is that managers and execs have a lot of wiggle room and the ability to make a number of funding transfers and decisions. They could clearly use budgeted funds or make a request for funding to accomplish actual data retention if they wanted to.
What makes you think that the Republicans involvement will make sure that "this will never happen". It doesn't matter what the Republicans do when the Democrat administration under President Obama just ignores them and the law.
Edited to change the source material because some people could not handle the link originally used and to add the second sentence in the 3rd paragraph.
True and True. That's why I quoted only a portion of the article and why I checked their source material (the link I put in its place). I originally used it only because it was A#1 on the top of Google when I originally searched for a source.
Politics might be appropriate for some discussion on HN, but your comment had no substance or value outside of democrats/republicans evil/good. Take that shit to reddit or the comments of a partisan news site. Like the link you posted. I'm sure tons of people in the comments would love agree with you.
My comment has plenty of substance. However the comment I replied to had none and did typical partisan finger pointing and generalizing. How was the substance of the quoted material partisan? Who cares where it comes from as long as it is the truth.
Well for one thing, the Executive doesn't make laws - Congress does. The Executive has veto power. Which can't be used if the relevant bill never makes it to the Executive's desk.
The relevant bill hasn't, and I will my hat if it ever comes into existence and reaches the floor.
The executive implements laws, and has managerial discretion within the law as its written. To imply that from $1.8b a functional arm of the government doesn't have e-mail archives is absurd. The IRS is in the buseinss of doings audits. In 2011 this is well beyond a question of competence and into a question of willful negligence. Imgaine if this was put in front of a jury? This type of problem is so predictable, ignorance is no excuse.
You need something to happen to drive archiving. It's bureaucratic minutiae that the President doesn't give a hoot about until something bad happens. The CIO of the IRS doesn't wake up one morning and decide to start archiving stuff. The chief counsel probably wants to delete everything (except for his stuff)
Same thing in the private sector. Nobody outside of regulated industries like pharma archived email, ever until Enron. Everyone didn't start doing it until the Federal courts changed the rules of civil procedure several years ago.
Great so who do you think is reponsible? The current executive? Previous executives under whom this would still have been a problem? The IRS head? Previous heads? Managers? Congress?
Again: my exact point was that the last thing anyone involved in this inquiry is going to do is actually pass specific legislation to address the actual problem, and mandate/authorize spending to do so. Instead we'll get calls for political bloodletting, for all the effectiveness of its name.
Well then the obvious answer is to hold no one responsible. Especially the people who are currently, willingly, and knowingly violating Federal Law and their own policies..... sarcasm.
In reality, they will pass legislation, that will probably go way overboard and will budget 100 times more than is necessary in order to payoff some friend or group of friends (business as usual for Establishment Ds and Rs). Now mind you that the house will do this and because of the politics the Senate, led by the Majority Democrats, will promptly ignore it. Or they will pass it because it will benefit some friend of theirs and the President will sign it but decide to include a signing statement saying that they don't agree with any of it and that they will not implement it. Oh and they will put it as part of a large non-related omnibus package with a title talking about helping Homeowners Purchase Crop Dusters.
The IRS does a lot of moronic things. Keeping overpriced outdated technology is one of them. These types of improvements can and should be self paying. When you require that citizens keep records for many years, you should do the same.
Targeting organizations based on political affiliation is even worse than general incompetence.
Last year, after requesting an ITIN for my wife (who is not a US citizen and thus requires an SSN-esque replacement to be able to file joint taxes), we received two letters from the IRS. One had the ITIN. The other denied our request for the ITIN on the basis that "We have already issued her an ITIN." Apparently, the IRS explains, that second letter should have immediately set my accountant and I to doing forensic debugging of their protocols, because it means that something "seriously wrong" happened to our returns.
What? Glad you asked. See, the IRS had lost my return. "What?" The paper was "in the building somewhere" -- we had gotten a receipt -- but they were unaware of what desk it was at. (Their first hypothesis was "You failed to file", and they threatened penalties for that, until being confronted with a Post Office return receipt. Which is, by the by, why you should always get a receipt.)
My accountant took over yelling at them for a while to find the return, and they eventually did, and -- miracle of miracles -- they typed it into the computer. Twice. Thus generating two separate and equal returns going through non-idempotent processes, such as ITIN generation.
When those two returns met up in the reconciliation stage, they blocked each other from processing. No one at the IRS noticed this, for approximately 7 months, until my third call to their CS line got someone to actually look at the file. She hit "delete" on the duplicate. (I really hope she was simplifying that for me, because it scares me if they can actually delete anything.) Return processed almost immediately, refund check cut 48 hours later.
I almost feel sorry for them on being unprepared to unearth potential political malfeasance, because that is after all a distraction from the day to day administration of the Revenue Code, but processing returns is, as the saying goes, "their only job."