HealthCare.gov’s Host of Problems

eyeglasses and newspaper blue background

A new report[1] from the Government Accountability Office (GAO) finds that the website HealthCare.gov is still plagued with a host of security problems that put Americans’ personal and financial information at risk of being compromised by identity thieves. Among them, is the fact that there is no alternate processing site that would allow for the recovery of HealthCare.gov systems, should the site go down unexpectedly.

“Collectively, these weaknesses put HealthCare.gov systems and the information they contain at increased and unnecessary risk of unauthorized access, use, disclosure, modification, or loss,” says the report. All in all, the report makes six recommendations to the Department of Health and Human Services (HHS) to resolve privacy concerns, and 22 recommendations for addressing technical and security problems.

Yet the report comes on the heels[2] of another revelation from the group Judicial Watch, which obtained an internal memo from HHS. According to the memo, HHS officials knew HealthCare.gov contained “limitless” security risks, yet they launched the website anyway last October.

Sound serious? That’s because it is, especially given that it’s no longer a hypothetical scenario. In early September, it was revealed[3] that HealthCare.gov had been hacked back in July, but it took HHS officials weeks to discover the breach.

No personal information was taken that time, but thanks to negligent bureaucrats, the entire world knows HealthCare.gov has some serious security flaws. How long until the next hacker is able to steal personal data? Last year, government officials brushed aside security concerns for the sake of political convenience, knowing it could leave millions of Americans exposed. That is simply unacceptable.