Shoring Up HealthCare.gov Security
With Obamacare’s Future Solidified, Privacy Fears in Spotlight
… Health insurers, as well as health insurance exchanges and their related databases, are a potential target for hackers because “any collection of data that includes Social Security numbers is particularly vulnerable,” notes security expert Tom Walsh, founder of the consulting firm tw-Security.
“Healthcare was doing a good job of eliminating Social Security numbers from our systems. In the old days, the SSN was a person’s member number for their insurance. It was finally getting to the point where SSNs were less frequently collected and used in healthcare,” he says.
However, under Obamacare, sensitive consumer data, including Social Security numbers and income information, is used on the insurance exchanges to help individuals enroll in insurance plans and qualify for subsidies, Walsh notes. “So healthcare is back in the SSN game again – especially insurance companies.”
… Walsh says that protecting the health insurance exchanges also comes down to basics. “I was surprised when I read that the OPM did not encrypt data at rest. The government should lead by example and implement better security practices.”