18 September 2013
Security Now a Concern for Insurance Exchanges
Now lawmakers become concerned about the ability of the system to protect personal health records and other private information. If our congressional people would have been concerned about this when they should have been concerned, maybe we would not need these concerns now. Unfortunately, we still would, as Congress is not far sighted enough, only to the next election and their reelection. That is what all the posturing is about.
Yes, cyber security needs to be a concern, but this will never be fully addressed, as Congress does not wish to offend the NSA because they will be the largest consumer of the information. The data hub, which is scheduled to go live October 1, will process names, dates of birth, Social Security numbers, health conditions, and several other pieces of personal information which at best will be very insecure.
Representative Patrick Meehan, a Pennsylvania Republican is on target when he questioned how CMS completed its security assessment nearly a month ahead of schedule after the agency had “for three years failed to meet a single deadline.” The hub, as it is called, will store little information, instead accessing information in other databases as needed. This means that once the hub is breached; all the other sources will be accessible. Data breaches at the hub would do “irreparable harm” to users, said Stephen Parente, director of the Medical Industry Leadership Institute at University of Minnesota. There hasn’t been enough security testing on the hub, which is a “massive IT project with literally no technical precedent,” he added.
Others are doing their best to downplay the security aspect and I feel are doing more harm than good. It is not a matter of if, but when the security breaches will happen. I say breaches and they will probably come in rapid succession once they start and the U.S. Department of Health and Human Services will probably do its best to cover this up and this is where the concern needs to be.