A top HealthCare.gov security officer told Congress that the Obamacare website passed security testing in December.
Teresa Fryer, the chief information security officer for the Centers for Medicare and Medicaid Services (CMS), told members of the House Oversight Committee that since the site’s launch last year, security testing has continued -- and is conducted on a regular basis, said ABC News.
“Given the positive results of the recent security control assessments... I would recommend [HealthCare.gov] be given a new authority to operate” when the current ATO expires, Fryer told the committee. While noting that one can “never guarantee any system is hack-proof,” she noted that “the protections we have put in place have successfully prevented attacks.”
Committee Chairman Darrell Issa, R-Calif., in his opening remarks was nevertheless skeptical, ABC News reported. He said given all the problems with HealthCare.gov -- which serves as the Obamacare portal for 36 states -- the website is “still questionable in its security.”
The risk of vulnerabilities on the health care website is very serious, the congressman said, given that it has “tentacles to some of the most personal information” on databases belonging to multiple government agencies like the Social Security Administration and the Department of Homeland Security, said ABC News.
Fryer said that the Healthcare.gov site has now undergone full, end-to-end testing and that government officials have put a strong mitigation plan in place to respond to attacks.