Obamacare’s Privacy Nightmare

by Sean Riley & Ed Walton, National Review  |  published on October 4, 2013

Tuesday marked the first day of open enrollment for the health-insurance exchanges set up by the Affordable Care Act. It didn’t go very well: Would-be health-insurance consumers in at least 47 states encountered technical problems. These so-called glitches, however, mask a much more serious concern for consumers: protecting sensitive data. The lack of sufficient security surrounding the exchanges should give potential enrollees pause.

In August, a coalition of attorneys general from 13 states wrote Health and Human Services secretary Kathleen Sebelius to express concerns over consumer privacy and oversight of “navigators,” counselors charged with assisting consumers enrolling in the exchanges. Specifically, the attorneys general asked what policies were in place to screen and monitor program personnel, prevent fraud and remedy cases of it, and regulate the navigators at the state level. But chief among their concerns was whether sufficient safeguards were in place to prevent security breaches.

In September, the concerns of the attorneys proved prescient. An employee of Minnesota’s health exchange accidentally sent 2,400 Social Security numbers, complete with names and addresses, to an insurance broker applying to become a navigator. Not only was the information mishandled, it was sent in an unencrypted and unsecured spreadsheet, suggesting additional lapses in security.
HHS has yet to respond to the August letter.

Concerns are not limited to the 13 attorneys general who wrote to Secretary Sebelius. In California, state insurance commissioner Dave Jones — an early supporter of the ACA — expressed worry that the 21,000 personnel providing customer support for the exchanges lacked proper oversight and could “obtain information that will allow them to build the trust they have with the individual they’re working with and potentially sell them all manner of bogus products, steal their identity, [and] gain access to certain assets they might have.”

Commissioner Jones is not alone in his unease. A report from the House Oversight Committee found that top HHS officials are similarly worried about the potential for identity theft. HHS officials expressed concern that individuals may pose as navigators to defraud consumers — because there is no way for consumers to verify who is certified — or that certified navigators themselves may misappropriate sensitive data due to lack of oversight, training, and safety protocols. Navigators are required to undergo as little as five hours of training before handling sensitive data, and are not subject to background checks.

No comments yet - you can be the first!

Comments are closed.

Do you Love your country but hate your government?

Join your fellow Libertarians who seek a world of liberty; a world in which all individuals are sovereign over their own lives and no one is forced to sacrifice his or her values for the benefit of others. Join over 500,000 Americans who get their daily dose of minimal government and maximum freedom with The New Liberty Movement.

We know how important your privacy is and your information is SAFE with us. We’ll never sell
your email address and you can unsubscribe at any time directly from your inbox.
View our full privacy policy.