Get breaking news alerts via email

Click here to manage your alerts
The Washington Post: ACA security check

The Washington Post

The Washington Post

First Published Jan 09 2014 01:01 am • Last Updated Jan 09 2014 01:01 am

Republicans this week plan to put yet another criticism of the Affordable Care Act front-and-center on the House floor. It is another political weapon, but if treated seriously, this one could lead to useful reform.

For the past several weeks, Republicans have claimed that the website HealthCare.gov and the systems behind it may not be secure enough to keep Americans’ personally identifying information safe. They have selectively released evidence they collected through their oversight efforts to make it seem as though the site has major security vulnerabilities.

Join the Discussion
Post a Comment

In response, Democrats presented selective evidence of their own. The Department of Health and Human Services (HHS), meanwhile, reported that "there have been no successful security attacks on HealthCare.gov, and no person or group has maliciously accessed personally identifiable information from the site." The administration also said that the site is fully compliant with federal security standards.

That’s presumably true, but those standards could use some upgrading. HealthCare.gov no doubt has some vulnerabilities, as do many other sites. Data breaches of well-protected government — and, for that matter, private — systems containing sensitive information indicate that HealthCare.gov would hardly be unique in this regard, even if it is a uniquely tempting political target.

ACA sites don’t collect the breadth of sensitive personal data that other federal systems, such as Medicare’s, do.

The House Republicans’ bill would require the government to notify victims of any illegal security breach in the ACA’s systems within two business days. If that makes sense for HealthCare.gov, though, why not require the same of other sensitive federal systems, too?

If Republicans want to pass useful policy, rather than simply throw another bomb at the ACA, they should detach their proposal from anti-Obamacare politics and vote on a broader federal transparency requirement, or even renew their push for more ambitious federal cybersecurity reforms.

There are Democrats who would join in such a project; a proposal to update federal data security standards last year passed the House unanimously. A bigger effort would be well worth it, though the two-day notification requirement is probably unrealistic.

It would be unfortunate, though, if Republicans succeeded in scaring Americans away from enrolling in health-insurance plans, undoubtedly a goal for some. Many uninsured Americans, in particular, have a lot more to gain than lose from logging into HealthCare.gov, examining their options, calculating the government subsidies they qualify for — and signing up.

Copyright 2014 The Salt Lake Tribune. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Top Reader Comments Read All Comments Post a Comment
Click here to read all comments   Click here to post a comment

About Reader Comments

Reader comments on sltrib.com are the opinions of the writer, not The Salt Lake Tribune. We will delete comments containing obscenities, personal attacks and inappropriate or offensive remarks. Flagrant or repeat violators will be banned. If you see an objectionable comment, please alert us by clicking the arrow on the upper right side of the comment and selecting "Flag comment as inappropriate". If you've recently registered with Disqus or aren't seeing your comments immediately, you may need to verify your email address. To do so, visit disqus.com/account.
See more about comments here.
Staying Connected
Contests and Promotions
  • Search Obituaries
  • Place an Obituary

  • Search Cars
  • Search Homes
  • Search Jobs
  • Search Marketplace
  • Search Legal Notices

  • Other Services
  • Advertise With Us
  • Subscribe to the Newspaper
  • Access your e-Edition
  • Frequently Asked Questions
  • Contact a newsroom staff member
  • Access the Trib Archives
  • Privacy Policy
  • Missing your paper? Need to place your paper on vacation hold? For this and any other subscription related needs, click here or call 801.204.6100.