|
GAO report warns of security risks in
U.S. healthcare website
Send a link to a friend
[September 17, 2014] (Reuters)
- HealthCare.gov, President Barack Obama's
health insurance exchange, has security and privacy protection
vulnerabilities, a U.S. government watchdog reported on Tuesday, nearly
a year after the website's troubled rollout.
|
|
 The General Accounting Office (GAO) said that despite steps taken by
the Centers for Medicare & Medicaid Services (CMS) for security and
privacy protection, weaknesses remain in the processes used for
managing information security and privacy.
The GAO also identified issues regarding the technical
implementation of IT security controls.
"Until these weaknesses are addressed, increased and unnecessary
risks remain of unauthorized access, disclosure, or modification of
the information collected and maintained by Healthcare.gov...", the
GAO said.
The report follows a security breach on the website in August. An
unknown computer hacker infiltrated the HealthCare.gov website,
apparently uploading malicious files.
“The president and his administration launched HealthCare.gov
knowing that the personal information of Americans who bought
insurance through the website was not safe. Their personal
information was not safe then, and it is not safe now," Senator
Lamar Alexander said in a statement.
[to top of second column] |
The report says most of the issues could be attributed to
disagreements about security roles and responsibilities with the
various contractors, states and federal agencies that are part of
the HealthCare.gov system.
"Someone should be held accountable for this kind of gross
mismanagement, and security must be fixed immediately before a major
hacking attack does massive damage,” Alexander said.
(Reporting By Krishna Chaithanya; Editing by Ken Wills)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
