Health exchange websites not prone to hackers ; But then, supposedly secure sites have been hacked in the past [Florida Times Union]
(Florida Times Union Via Acquire Media NewsEdge) Times-Union readers want to know:
I've heard that when you sign up for health care on the federal exchange, your personal information isn't protected. Is that true?
It is certainly true that the website, healthcare.gov, has experienced numerous slowdowns and other problemssince it opened on Oct. 1. Other state marketplaces have experienced similar issues with registrations, speed and a bug-filled live chat.
When Rep. Tom Cotton, R-Ark., who hasn't been shy about criticizing the health care law, was interviewed on MSNBC, he said the websites are likely to be hacked: "They realize that the websites aren't ready, that there's no privacy protections, that there's likely to be data breaches."
PolitiFact.com, the Pulitzer Prize-winning fact-finding website run by The Tampa Bay Times, looked into the allegations and found no evidence that Cotton's claim was true.
As users navigate healthcare.gov, they are directed to their appropriate state websites. Once you apply for health insurance, you do have to submit personal information, including your Social Security number and last year's income.
The health care law stipulates thatall the information must be related to determining if the applicant can receive a subsidy to lower the price of the insurance. The site sends the information through a data hub, so that the Internal Revenue Service, the Department of Homeland Security and the Social Security Administration can verify customers' identities and confirm eligibility, according to the Centers for Medicare and Medicaid Services, which oversees the online marketplaces.
The information isn't stored at this data hub, PolitiFact.com found. The Affordable Care Act contains numerous federal privacy regulations that keep the system's information center from amassing consumer data that would be prone to hackers' eyes.
And all the exchanges, whether state-run or run by the feds,follow basic security protocols that have been in place at government sites for a long time.
Scott Borg, CEO of the U.S. Cyber Consequences unit, a nonprofit institute that researches the economic consequences of possible cyber attacks, told PolitiFact.com that the health marketplaces are more secure than most popular e-commerce sites because they're less complicated.
Other security experts confirmed that the health sites are very secure.
PolitiFact.com asked Cotton's office about his contention; his staff referred to an August report showing that government agencies pushed back some early security-testing deadlines. This was true, PolitiFact.com discovered, but the Centers for Medicare and Medicaid Services reported later that the final security testing - including security testing by an independent organization - was completed on Sept. 6, several weeks before the marketplaces opened in October.
A spokeswoman for Cotton also told PolitiFact.com of an incident in which MNsure, the Minnesota marketplace, accidentally emailed a spreadsheet identifying 2,400 insurance agents to an insurance broker's office. But that incident didn't involve consumer information, and it happened before the MNsure marketplace opened on Oct. 1, PolitiFact.com reported. Also, MNsureinsisted that that the event was due to human error, not an IT glitch.
Now, are the health care websites completely impervious to hackers? It's impossible to make such a guarantee, judging from the secure websites that have been hacked in the past - major corporations, world governments, universities, hospitals and the like.There are some sophisticated computer hackers out there.
But there is no indication that the health exchange websites are extremely vulnerable. Cybersecurity experts that spoke with PolitiFact.com raised no concerns about security, and the one expert contended that the federal sites, because of their simplicity, are even more secure than e-commerce websites consumers are already accustomed to using.
Cotton was wrong to say that "there are no privacy protections" in the new online health exchanges. PolitiFact, which rates statements by politicians from "True" to "Pants on Fire" rated Cotton's statement as "False."Carole Fader: (904) 359-4635FACT CHECKWant something checked out? If you see or hear about something that needs a Fact Check, e-mail firstname.lastname@example.org
(c) 2013 ProQuest Information and Learning Company; All Rights Reserved.
[ Back To Technology News's Homepage ]