HealthCare.gov Security Still Not Strong Enough

January 6, 2014

House Majority Leader Eric Cantor intends to introduce new legislation to make HealthCare.gov more secure.

In a memo to his fellow House Republicans, Cantor said he would schedule floor action next week on proposals to make the healthcare website safer as well as notify consumers when their personal information has been compromised, said Reuters.

In the memo, Cantor wrote: "American families have enough to worry about as we enter the new year without having to wonder if they can trust the government to inform them when their personal information -- entered into a government mandated website -- has been compromised," House Republican Leader Eric Cantor said in the memo to colleagues on Thursday.

Cantor cited widespread warnings that personal information could be breached after it's entered into the new health law system, said Reuters. One recent report from data company Experian cautioned that the millions entering the insurance exchanges will "increase the vulnerability of the already susceptible healthcare industry."

Experian warned that the industry, "by far, will be the most susceptible to publicly disclosed and widely scrutinized data breaches in 2014."

An administration spokesman responding to Cantor's memo said that security on the website was a top priority and was protected by stringent standards as well as ongoing testing, said Reuters.

"To date, there have been no successful security attacks on HealthCare.gov and no person or group has maliciously accessed personally identifiable information from the site," said Aaron Albright, a spokesman at the Centers for Medicare and Medicaid, which was in charge of launching HealthCare.gov.

Under current policy, an agency within the Department of Health and Human Services is tasked with deciding whether there is a risk of harm and whether individuals need to be notified whenever a security breach occurs,

Cantor, in his memo, likened the risks surrounding HealthCare.gov to the recent data breach at Target, said Reuters.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

HealthCare.gov Security Still Not Strong Enough

Related Articles

Related Products

Related Events

Report Abusive Comment