HealthCare.gov Security Still Not Strong Enough

January 6, 2014

House Majority Leader Eric Cantor intends to introduce new legislation to make HealthCare.gov more secure.

In a memo to his fellow House Republicans, Cantor said he would schedule floor action next week on proposals to make the healthcare website safer as well as notify consumers when their personal information has been compromised, said Reuters.

In the memo, Cantor wrote: "American families have enough to worry about as we enter the new year without having to wonder if they can trust the government to inform them when their personal information -- entered into a government mandated website -- has been compromised," House Republican Leader Eric Cantor said in the memo to colleagues on Thursday.

Cantor cited widespread warnings that personal information could be breached after it's entered into the new health law system, said Reuters. One recent report from data company Experian cautioned that the millions entering the insurance exchanges will "increase the vulnerability of the already susceptible healthcare industry."

Experian warned that the industry, "by far, will be the most susceptible to publicly disclosed and widely scrutinized data breaches in 2014."

An administration spokesman responding to Cantor's memo said that security on the website was a top priority and was protected by stringent standards as well as ongoing testing, said Reuters.

"To date, there have been no successful security attacks on HealthCare.gov and no person or group has maliciously accessed personally identifiable information from the site," said Aaron Albright, a spokesman at the Centers for Medicare and Medicaid, which was in charge of launching HealthCare.gov.

Under current policy, an agency within the Department of Health and Human Services is tasked with deciding whether there is a risk of harm and whether individuals need to be notified whenever a security breach occurs,

Cantor, in his memo, likened the risks surrounding HealthCare.gov to the recent data breach at Target, said Reuters.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

The event will look at the in-car and off-board infrastructure cybersecurity policies, technologies, services, and products that will enable top OEMs and suppliers to strengthen their products’ defenses, mitigation, and resilience.

Security Magazine

2020 August

This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!

View More Create Account

HealthCare.gov Security Still Not Strong Enough

Related Articles

Related Products

Related Events

Report Abusive Comment