New bill zeroes in on healthcare.gov security

Share

Written by

House Majority Leader Eric Cantor announced intentions to bring a bill addressing healthcare.gov security to the floor next week. The bill would, in part, require the government to notify citizens if a hacker has compromised their personal information.

The language for the bill will draw from three previous security bills introduced by Reps. Diane Black, R-Tenn., Kerry Bentivolio, R-Mich., and Gus Bilirakis, R-Fla.

“IT experts have repeatedly raised red flags about the security of the information people are putting into the exchanges,” Black said.

The Obama administration has been defending the website’s security through numerous investigative hearings. While testifying before a House committee hearing Dec. 11, Health and Human Services Department Secretary Kathleen Sebelius assured representatives personal information was not stored on the website itself.

Before the Oct. 1 launch of the website, the Centers for Medicare and Medicaid Services released a statement saying consumers can “trust the information they’re providing is protected by stringent security standards and that the technology underlying the application process has been tested and secure.”

There have been 32 information security incidents with healthcare.gov since its launch as of Dec. 13, and 11 of those are under investigation, according to a memorandum from Reps. Henry Waxman, D-Calif., and Diana DeGette, D-Colo.

In addition, a number of security experts have disagreed with the website’s solidity. According to David Kennedy, CEO of TrustedSEC, the website is very susceptible to attack.

Kennedy testified in front of a House committee hearing Nov. 19, saying the overall foundation of the healthcare.gov is flawed.

If you build a house and the foundation is bad, the whole thing is flawed, Kennedy testified.

Some of the bills from which language will be taken also require the Government Accountability Office to review the website and have the website certified by the issuing agency’s chief information officer before the website can be made public. The standards would extend to other federal websites published after July 1, 2013.

Between Oct. 1 and Dec. 24, 1.1 million people enrolled in health care coverage through the Affordable Care Act. Almost a million of those enrollments came in December alone, according to CMS. Healthcare.gov can currently support 83,000 concurrent users.

-In this Story-

Barack Obama, Congress, Cybersecurity, David Kennedy, diane black, Eric Cantor, Government Accountability Office (GAO), Government IT News, gus bilirakis, kerry bentivolio, Tech, White House
TwitterFacebookLinkedInRedditGoogle Gmail