Reps. Diana Black (R-Tenn.) and Patrick Meehan (R-Pa.) are demanding that the Internal Revenue Service (IRS) explain how it will ensure the security of its system for processing ObamaCare subsidies.

In their Dec. 6 letter to IRS Commissioner Dan Werfel, which was released Monday, is a response to a September report from the Treasury Inspector General for Tax Administration (TIGTA). That report said the IRS system for determining who will be eligible for tax subsidies under ObamaCare is not secure.

"Specifically, the report found that twelve controls were only partially implemented during the testing process," they wrote. "The ACA infrastructure components included in those twelve security controls also failed during the Security Controls Assessment, as they did not include the baseline configurations and mandatory configuration settings required by the National Institute of Standards (NIST) and Internal Revenue Manual (IRM) guidelines."

The letter said TIGTA recommended that the IRS develop a plan to fix these problems, but also noted that the IRS "disagrees with the recommendation to develop an action plan and did not reference the audit findings that triggered the recommendation."

"We find IRS's refusal to adopt a corrective action plan of serious concern as the sensitive personal information of American taxpayers may be at risk," they wrote. "This audit raises important questions as to whether the IRS can successfully protect taxpayer data against fraud and abuse."

The letter demanded a written explanation of the IRS's plan for handling secure data, and details about how it coordinates with other officials implementing ObamaCare.