Advertise
Resources
Member, Beacon International Group, Ltd.
(Reuters) — HealthCare.gov, President Barack Obama's health insurance exchange, has security and privacy protection vulnerabilities, a U.S. government watchdog reported Tuesday, nearly a year after the website's troubled rollout.
The Government Accountability Office said that despite steps taken by the U.S. Centers for Medicare & Medicaid Services for security and privacy protection, weaknesses remain in the processes used for managing information security and privacy.
The GAO also identified issues regarding the technical implementation of information technology security controls.
"Until these weaknesses are addressed, increased and unnecessary risks remain of unauthorized access, disclosure, or modification of the information collected and maintained by Healthcare.gov," the GAO said.
The report follows a security breach on the website in August. An unknown computer hacker infiltrated the HealthCare.gov website, apparently uploading malicious files.
"The president and his administration launched HealthCare.gov knowing that the personal information of Americans who bought insurance through the website was not safe. Their personal information was not safe then, and it is not safe now," Sen. Lamar Alexander, R-Tenn., said in a statement.
The report says most of the issues could be attributed to disagreements about security roles and responsibilities with the various contractors, states and federal agencies that are part of the HealthCare.gov system.
"Someone should be held accountable for this kind of gross mismanagement, and security must be fixed immediately before a major hacking attack does massive damage," Sen. Alexander said.
(Reuters) — The FBI has warned health care providers their cyber security systems are lax compared with other sectors, making them vulnerable to attacks by hackers searching for Americans' personal medical records and health insurance data.